New Vulnerabilities Wednesday 29 July

New Alerts for Secomea, Softing, SICK, Mozilla, Adobe, NETGEAR, and Linux. The Secomea VPN vulnerability got a writeup in SecurityWeek.com about the risk to oil and gas industries. NETGEAR has updated several pre-authentication vulnerabilities in one router model. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar ...
New Alerts for Google (Chrome), Dell, and Linux. CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP. All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security fixes. The...
New Alerts for Hitachi and Linux. It's quiet, other than exploitation of known vulnerabilities with patches. CISA has a bulletin about F5 Big-IP exploits; F5 says if you haven't patched yet, you're likely compromised.
New Alerts for Cisco - Exploit, NetApp, ZTE, and Linux.  Have a great weekend! Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
So, each week I've been writing a tech blog article on some of the trends we see in machine data to one of our monitored web assets. One of the automated searches we have running is long URIs, in this case as a POST to the server, and below you can see the output of this: Firstly, the raw data needs to be run through a decoder before we can see what...
New Alerts for Cisco, CODESYS, Artica Proxy, and Linux. Artica Proxy is an open source platform.
New Alerts for Adobe and Linux.
New Alerts for Micro Focus, IBM, Dell, and Linux.
I don't think I'm alone as a business owner when I worry about the possibility of being breached. There must be many more like me who over the years have detected something which suggests that the worst has actually happened. Fortunately, "touch wood", these incidents are few and far between and they have all been false pos...
New Alerts for Moodle, IBM, and Linux. We have dropped the Overall Alert and the Windows DNS Alerts to Guarded. GE Healthcare and Philips have put out bulletins regarding the Microsoft DNS vulnerability and their products that run on Microsoft platforms.  Medical and ICS/SCADA are particularly at risk as they try to determine how best to roll ...
New Alerts for Microsoft Edge, ClamAV, ABB, IBM, Mozilla, NetApp, and Linux.  ABB has identified a few more products vulnerable to Ripple20, including Ethernet Adapters. It appears that APT29 has been hacking vaccine research.  NCSC published a bulletin, see the link below.
Unless you've been fortunate enough to have been living on a desert island these past few years, there is a pretty good chance you will have heard of the Cyber Essentials scheme. Cyber Essentials was launched back in 2014 by the National Cyber Security Centre (part of GCHQ) as a UK Government-backed initiative aimed at improving the basic leve...
Do you remember learning a foreign language at school as a teenager, when the first thing that you wanted to do was learn all the rude words? The reverse dictionary would be passed around and, sure enough, you'd find a list of profanities. Well, it seems that is what our latest user-agent hacker has been up to. The four entries that I have from our logs...
New Alerts for Cisco, Apple, Dell, Synology, Google Chrome, and Linux. We are still watching the SAP Critical vulnerability as well as the Microsoft DNS Critical vulnerability.  In general, it's been a bad patch week.  If you don't have a patching schedule for your equipment, now is the time to get on that.
Oracle Quarterly patches are out. Schneider Electric Monthly Patches too. New Alerts for Advantech, HMS, Apache, and Linux.  We've raised a Subject Alert for the Windows DNS Critical vulnerability, CVSSv3 score of 10 and wormable, affects domain controllers.  This just added to the Overall Alert level of Increased for it being a Bad Patch...
The Cyber Threat Intelligence page, affectionately known as the Radar Page by some (or maybe just me), has been around for over 13 years.  See the Daily Mail article below for the sensational history.  :)  It has been through several redesigns, but retains a similar look and feel across the versions. Where to find the Radar Page: The...
Adobe Monthly Patches are out, with 5 products patched. There are Critical patches for Download Manager, Media Encoder, and Creative Cloud Desktop. Microsoft Monthly Patches are out, with fixes for 123 vulnerabilities. Of these, 17 are critical and 2 were previously disclosed. DNS Servers are at Critical risk for RCE. Oracle Quarterly Patche...


© Computer Network Defence Limited 2022