Keeping track of the software and hardware you use, that then are discovered to have security flaws in them is important, especially if those flaws are being exploited by threat actors. The quicker you or the people responsible for your cyber security know there are issues, the quicker any available …
CISA posts advisories on a range of security patches
Other vendors issue their monthly security and feature patches on or around Microsoft Patch Tuesday – it makes sense to get the updates all done together. The US government Cybersecurity and Infrastructure Security Agency (CISA) – one of my go to cyber security sites – issues regular round-ups of the …
Continue reading “CISA posts advisories on a range of security patches”
Routers and NAS Devices
Recently we covered the issues of hardware vulnerabilities and how network devices and other hardware are often missed when it comes to cyber security patching. Here are two more examples of why you should not miss the hardware… New Condi malware builds DDoS botnet out of TP-Link AX21 routers (bleepingcomputer.com) …
Zyxel firewall flaw
For smaller organisations updating network devices is often overlooked. CISA is warning of a flaw in Zyxel firewalls that is being actively exploited by hackers even though the vendor issued patches for the vulnerability over a month ago! CISA Adds One Known Exploited Vulnerability to Catalog | CISA Hackers exploit …
Do you use Zyxel equipment?
If your network uses Zyxel equipment then you need to check if it is on the list compromised equipment that needs patching. Zyxel warns of critical vulnerabilities in firewall and VPN devices (bleepingcomputer.com)