The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added Microsoft Windows and RAR (zip software), vulnerabilities to it’s database. CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
Yesterday was Patch Tuesday – Exchange server gets a special mention
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
Commercialised cyberweapons
For when you have time, here are two articles from Microsoft looking at cyberweapons: Continuing the fight against private sector cyberweapons – Microsoft On the Issues Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits – Microsoft Security Blog The view from the US Government Pegasus spyware: Just ‘tip of …
New ransomware in the wild
A new strain of malware/ransomware has been discovered by the MalwareHunterTeam – who have Tweeted out details and images. The ransomware is being called RedAlert, or N13V, and target Windows and Linux VMWare ESXi servers. New RedAlert Ransomware targets Windows, Linux VMware ESXi servers (bleepingcomputer.com) Double extortion Similar to other …
Google Chrome on Windows needs an update
Google Releases Security Update for Chrome | CISA