New Vulnerabilities Wednesday 22 July

New Alerts for Adobe and Linux. Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
New Alerts for Micro Focus, IBM, Dell, and Linux.  Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://radar.securitywizardry.com
I don't think I'm alone as a business owner when I worry about the possibility of being breached. There must be many more like me who over the years have detected something which suggests that the worst has actually happened.  Fortunately, "touch wood" these incidents are few and far between and they have all been false pos...
New Alerts for Moodle, IBM, and Linux. We have dropped the Overall Alert and the Windows DNS Alerts to Guarded. GE Healthcare and Philips have put out bulletins regarding the Microsoft DNS vulnerability and their products that run on Microsoft platforms.  Medical and ICS/SCADA are particularly at risk as they try to determine how best to roll ...
New Alerts for Microsoft Edge, ClamAV, ABB, IBM, Mozilla, NetApp, and Linux.  ABB has identified a few more products vulnerable to Ripple20, including Ethernet Adapters. It appears that APT29 has been hacking vaccine research.  NCSC published a bulletin, see the link below. Security Wizardry Cyber Threat Intelligence - The Radar Page Secu...
Unless you've been fortunate enough to have been living on a desert island these past few years, then there is a pretty good chance you will have heard of the Cyber Essentials scheme. Cyber Essentials was launched back in 2014 by the National Cyber Security Centre (part of GCHQ) as a UK Government backed initiative aimed at improving the basic leve...
Do you remember learning a foreign language at school as a teenager and the first thing that you wanted to do was learn all the rude words, the reverse dictionary would be passed around and sure enough you'd find a list of profanities. Well it seems that is what our latest user-agent hacker has been up to. The four entries that I have from our logs...
New Alerts for Cisco, Apple, Dell, Synology, Google Chrome, and Linux. We are still watching the SAP Critical vulnerability as well as the Microsoft DNS Critical vulnerability.  In general, it's been a bad patch week.  If you don't have a patching schedule for your equipment, now is the time to get on that. Security Wizardry Cyber Threat ...
Oracle Quarterly patches are out. Schneider Electric Monthly Patches too. New Alerts for Advantech, HMS, Apache, and Linux.  We've raised a Subject Alert for the Windows DNS Critical vulnerability, CVSSv3 score of 10 and wormable, affects domain controllers.  This just added to the Overall Alert level of Increased for it being a Bad Patch...
The Cyber Threat Intelligence page, affectionately known as the Radar Page by some (or maybe just me), has been around for over 13 years.  See the Daily Mail article below for the sensational history.  :)  It has been through several redesigns, but retains a similar look and feel across the versions. Where to find the Radar Page: The...
Adobe Monthly Patches are out, with 5 products, patched.  There are Critical patches for Download Manager, Media Encoder, and Creative Cloud Desktop. Microsoft Monthly Patches are out, with fixes for 123 vulnerabilities. Of these, 17 are critical and 2 were previously disclosed. DNS Servers are at Critical risk for RCE. Oracle Quarterly Patche...
Monthly Patches are out for SAP and Siemens, with one SAP patch rating Critical. New Alerts for F5 and Linux. Schneider Electric, Microsoft, Adobe, and Oracle patches will come out later today. The Hot News SAP patch affects Internet facing SAP systems, and earned an Alert Notice from CISA, urging to patch within 24 hours.We have raised the Overall...
New Alerts for Smiths Medical, HPE, NetApp, and Linux.   Tomorrow is Monthly Patch Day for Microsoft, Adobe, SAP, Schneider Electric, and Siemens.  Also, Oracle Quarterly Patches come out tomorrow as well.  It's a big day, sleep well! Security Wizardry Cyber Threat Intelligence - The Radar Page Security Wizardry Radar Page provi...
New Alerts for Sophos, Citrix (exploits), MobileIron, GE Digital, Moxa, Dell, Micro Focus, and Linux.  The ISC is reporting active attempts to exploit the Citrix vulnerabilities reported earlier this week.  There is also a writeup by a researcher outlining the vulnerabilities in great detail. Security Wizardry Cyber Threat Intelligence - ...
Our cyber security recruitment team have created a short video with Jay Jay Davey, a military leaver who is now in a civilian cyber role. Recruitment CND are also the UK's oldest independent cyber security recruitment agency, specialising in global security recruitment since 2004. We work with both contract and permanent roles and our recruiters ar...
Getting Found When looking for a new role it goes without saying that you should always aim to have as many skills that you've covered (and that you feel could be relevant) on your CV as are possible, but there's more to it than that. A good example centres around those working in the SOC space. I work with CVs that talk about working with SIEM too...
Further to last week's blog posting on user-agents, we are examining some of the malicious attempts seen crafted against a non-critical web-asset that our SOC monitors. Looking through our machine data using the dashboards that we have developed in this instance using Splunk, we are able to rapidly identify anomalies with low effort. We n...

Find Out More

© Computer Network Defence Limited 2020
For The Latest Updates Please Subscribe to Our Feed
Or Follow Us on LinkedIn