January 3, 2022
Ransomware Predictions for 2022
The new year is traditionally a time to consider the future and set down new goals and directions for life. In the IT world, it is also a time to make predictions for the coming 12...
December 24, 2021
Recent Attacks, Threats, and Breaches
There are so many breaches and attacks these days that it is hard to keep up. Here are a few of the recent highlights:
1. Panasonic Breach
Panasonic is the latest high-profile victim of cybercriminals....
December 20, 2021
Linux Vulnerabilities of the Week: December 20, 2021
1. Apache Log4j logging library vulnerability
Severity: Critical
CVSS Score: 10.0
This is a flaw in Apache that allows an attacker who can control log messages or log message parameters to execute...
December 15, 2021
December Patch Tuesday 2021 Fixes 67 Vulnerabilities
December Patch Tuesday Arrives with 67 Fixes
There are 7 Critical (one more than last month) and 60 Important fixes in this release. Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...
December 14, 2021
Log4j Weaponized Threat
Extremely Dangerous Vulnerability Discovered
This weekend a vulnerability in Log4j, a very popular Java-based logging tool, was weaponized. All versions of Log4j prior to 2.14.1 are vulnerable; this does not just impact the stand...
December 6, 2021
Linux Vulnerabilities of the Week: December 6, 2021
1. CSRF token bypass in Mailman (<2.1.38)
Severity: Important
CVSS Score: 8.8
A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...
December 1, 2021
Linux Vulnerabilities of the Week: November 30, 2021
1. A heap buffer overflow in Redis (>2.6)
Severity: Important
CVSS Score: 8.8
Redis is an open-source, in-memory database that persists on disk. In affected versions, specially crafted Lua scripts executing in...
November 23, 2021
Linux Vulnerabilities of the Week: November 22, 2021
1. Out-of-bounds write to memory in FreeRDP
Severity: Important
CVSS Score: 8.8
This is a flaw in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), released under the Apache...
November 17, 2021
Windows Out-of-Band Update Released to Fix Kerberos
Microsoft Issues Emergency Update for Kerberos
Microsoft has released an emergency security update to fix a Kerberos OOB vulnerability in Windows Server running Domain Controller services. Anyone impacted by this vulnerability will not...
November 16, 2021
Linux Vulnerabilities of the Week: November 15, 2021
1. Possible trojan source attacks in the Unicode Specification (through 14.0)
Severity: Critical
CVSS Score: 9.8
This is a flaw in the way Unicode standards are implemented in the context of development...