The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added Microsoft Windows and RAR (zip software), vulnerabilities to it’s database. CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
Yesterday was Patch Tuesday – Exchange server gets a special mention
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
Commercialised cyberweapons
For when you have time, here are two articles from Microsoft looking at cyberweapons: Continuing the fight against private sector cyberweapons – Microsoft On the Issues Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits – Microsoft Security Blog The view from the US Government Pegasus spyware: Just ‘tip of …
New ransomware in the wild
A new strain of malware/ransomware has been discovered by the MalwareHunterTeam – who have Tweeted out details and images. The ransomware is being called RedAlert, or N13V, and target Windows and Linux VMWare ESXi servers. New RedAlert Ransomware targets Windows, Linux VMware ESXi servers (bleepingcomputer.com) Double extortion Similar to other …
Google Chrome on Windows needs an update
Google Releases Security Update for Chrome | CISA
CISA adds several Windows vulnerabilities to the ” Known Exploited Vulnerabilities Catalogue”
The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added several new Microsoft Windows, vulnerabilities to it’s database. These all need patches – so again it is a good time to check that your “auto-updating” is working or time to get an Octagon IT monitoring package and let experts monitor the …
CISA statement on mitigating MFA and “PrintNightmare” exploits UPDATED 17 March 2022
This article was first posted on 16 March 2022 Here is some good cyber security advice from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) regarding increased cyber threat activity from the Russia Ukraine conflict. “PrintNightmare” is an escalation of an MFA …