Radar Alerts for 22 April 2019

New Alert for hardcoded credentials in Polycom VVX product.  Requires physical Access.  Updated Linux Alert for RedHat and Oracle Linux. https://radar.securitywizardry.com
  39 Hits
  0 Comments
Tags:
39 Hits
0 Comments

Radar Page Alerts for 19 April, 2019

Security Wizardry Cyber Threat Intelligence - The Radar Page New Alerts for Lenovo (reporting a month old NetApp firmware default account) and Linux updates for SUSE and Arch Linux. https://radar.securitywizardry.com
  101 Hits
  0 Comments
Tags:
101 Hits
0 Comments

Radar Page Alerts for 18 April, 2019

New Alerts for 29 Cisco bulletins, CODESYS Gateway and other products, Broadcom Wifi chipset (meaning many vendors), Atlassian Confluence, and Foxit PhantomPDF. Updated Linux Alert to include SUSE, RedHat, Oracle Linux, and Gentoo Linux. https://radar.securitywizardry.com
  123 Hits
  0 Comments
Tags:
123 Hits
0 Comments

Sea Turtle hacker group hijacks country-code top level domains

A hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the process, they went so far as to compromise multiple country-code top-level domains—the suffixes like .co.uk or .ru that end a foreign web address—putting all the traffic of every domain in multiple countries...
Continue reading
  70 Hits
  0 Comments
70 Hits
0 Comments

New Role - Cisco FirePower Threat Defense (FTD) Engineer - Contractor (Cisco)

https://www.cndltd.com/recruitment/all-jobs/posting/65/network-security-consultant Job Code 1431 Posted On Wednesday, 17th April 2019 Closing On Tuesday, 16th July 2019 Location Swindon Job Type Contract Job Description CND are partnered with a long-term client to support their efforts implementing cutting edge next generation firewalls to a leadin...
Continue reading
  18 Hits
  0 Comments
18 Hits
0 Comments

Radar Page Alerts for 17 April, 2019

Oracle Quarterly Patches are out, with 53 critical patches (CVSSv3 9 or above), 49 of those are CVSSv3 9.8. There are also quarterly bulletins out for Solaris third-party software, Oracle Linux, and Oracle VM Server. Phoenix Contact has updated the AXC F 2152 product, and the usual suspects of Linux updates. https://radar.securitywizardry.com
  74 Hits
  0 Comments
Tags:
74 Hits
0 Comments

New Role - Cyber Security Research Engineer - Permanent

https://www.cndltd.com/recruitment/all-jobs/posting/64/cyber-security-research-engineer ​ Job Description CND are working with a team of passionate and talented designers, developers and security researchers. Together they design and build industry leading tools that, amongst other things, help to identify and develop new cyber security talent. The...
Continue reading
  37 Hits
  0 Comments
37 Hits
0 Comments

Fortinet purposely hid Chinese roots of products

For over 7 years, someone at Fortinet slapped "Made in the USA" labels on their Chinese-manufactured gear, and let them be sold into the US Government.   It cost the company over $500,000 in a settlement.  Stock prices for Fortinet are up, so this must have been baked in and better than expected. Federal investigators say an unnamed ...
Continue reading
  80 Hits
  0 Comments
80 Hits
0 Comments

Radar Page Alerts for 16 April, 2019

New Alerts for an F5 glibc vulnerability, Foxit Reader and PhantomPDF updates to correct multiple vulnerabilities that could allow RCE, and NetApp third-party software bulletins. Updated Linux Alert includes OpenSUSE and Gentoo Linux. Oracle Quarterly Patches come out later today. Security Wizardry Cyber Threat Intelligence - The Radar Page Securit...
Continue reading
  103 Hits
  0 Comments
Tags:
103 Hits
0 Comments

Orbital Billboards

​Using cubesats and mylar sails, "Orbital Billboards" will fill the sky.  Futuristic, but coming soon.  The video shows the concept.
  15 Hits
  1 Comment
15 Hits
1 Comment

Radar Page Alerts for 15 April, 2019

Today's Alerts include: Confluence patch published last month is actively being exploited Apache Tomcat update that fixes a vulnerability reported last week Apache MINA information disclosure vulnerability WAGO unauthorized service access (hardcoded credentials)  I thought I had already reported this, but can't find it, so here it is (maybe ag...
Continue reading
  59 Hits
  0 Comments
Tags:
59 Hits
0 Comments

Some Monday Morning Humour

I couldn't resist sharing this image DENY ANY ANY 
  59 Hits
  0 Comments
59 Hits
0 Comments

New Role - Senior Security Consultant - Permanent

To Apply  https://www.cndltd.com/recruitment/all-jobs/posting/63/senior-security-consultant At CND we are partnered with a leading UK consultancy to conduct a search for the next Senior Security Consultant to join their burgeoning GRC team. They are pushing the governance offering to their clients over the next financial year and have lined up...
Continue reading
  18 Hits
  0 Comments
18 Hits
0 Comments

CND Radar Friday 12 April 2019

New Alerts for NetApp and VPNs. Updated F5 and Linux Alerts. https://www.securitywizardry.com/radar.htm
  64 Hits
  0 Comments
Tags:
64 Hits
0 Comments

CND Radar Thursday 11 April 2019

New Alerts for Juniper, McAfee, F5, Citrix, Xerox, and Linux  https://www.securitywizardry.com/radar.htm
  16 Hits
  1 Comment
Tags:
16 Hits
1 Comment

CND Radar Wednesday 10 April 2019

 New Alerts for McAfee, Verizon, Palo Alto Networks, and Apache Tomcat. Updated Schneider Electric and Linux Alerts https://www.securitywizardry.com/radar.htm
  69 Hits
  0 Comments
Tags:
69 Hits
0 Comments

CND Radar - Full House Wednesday 10 April 2019

Yesterday we almost had a full set of dials for new vulnerabilities, patch Tuesday helped. Please consider finding out more about what we do   https://www.cndltd.com/cnd-radar-and-app
  11 Hits
  0 Comments
Tags:
11 Hits
0 Comments

CND Radar Patch Tuesday 09 April 2019

Microsoft and Adobe Patch Tuesday Alerts are out   https://radar.securitywizardry.com/
  9 Hits
  0 Comments
Tags:
9 Hits
0 Comments

GeoPolitical Unrest and its Effect on Cyber

Today we increased our Geo Political Alert State to Yellow (Increased) in anticipation of cyber hostilities between India and Pakistan.  Update: The Geo Political Alert State was reduced again after the incident was resolved As tensions increase between nations the cyber battlespace is increasingly being used for non-attributable escalati...
Continue reading
  372 Hits
  0 Comments
372 Hits
0 Comments

Digital Forensic Readiness Planning

Forensic Readiness Planning should form an integral part of an organisation's Incident Response Planning (IRP). To define Forensic Readiness Planning in one sentence: Ensuring that an organisation is collecting sufficient logs and storing them in a forensically sound manner in order to facilitate a thorough investigation of an incident and if neces...
Continue reading
  588 Hits
  0 Comments
588 Hits
0 Comments

© Computer Network Defence Limited 2019