• January 3, 2022

    Ransomware Predictions for 2022 The new year is traditionally a time to consider the future and set down new goals and directions for life. In the IT world, it is also a time to make predictions for the coming 12...

  • December 24, 2021

    Recent Attacks, Threats, and Breaches There are so many breaches and attacks these days, that it is hard to keep up. Here are a few of the recent highlights: 1. Panasonic Breach Panasonic is the latest high-profile victim of cybercriminals....

  • December 20, 2021

    Linux Vulnerabilities of the Week: December 20, 2021 1. Apache Log4j logging library vulnerability Severity: Critical         CVSS Score: 10.0 This is a flaw in Apache that allows an attacker who can control log messages or log message parameters to execute...

  • December 15, 2021

    December Patch Tuesday 2021 Fixes 67 Vulnerabilities December Patch Tuesday Arrives with 67 Fixes There are 7 Critical (one more than last month) and 60 Important fixes in this release.  Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...

  • December 14, 2021

    Log4j Weaponized Threat Extremely Dangerous Vulnerability Discovered This weekend a vulnerability in Log4j which is a very popular Java-based logging tool has been Weaponized.  All versions of Log4j prior to 2.14.1 are vulnerable, this does not just impact the stand...

  • December 6, 2021

    Linux Vulnerabilities of the Week: December 6, 2021 1. CSRF token bypass in Mailman (<2.1.38) Severity: Important    CVSS Score: 8.8 A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...

  • December 1, 2021

    Linux Vulnerabilities of the Week: November 30, 2021 1. A heap buffer overflow in Redis (>2.6) Severity: Important    CVSS Score: 8.8 Redis is an open-source, in-memory database that persists on disk. In affected versions Specially crafted Lua scripts executing in...

  • November 23, 2021

    Linux Vulnerabilities of the Week: November 22, 2021 1. Out-of-bounds write to memory in FreeRDP  Severity: Important   CVSS Score: 8.8 This is a flaw in the FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), released under the Apache...

  • November 17, 2021

    Windows Out-of-Band Update Released to Fix Kerberos Microsoft Issues Emergency Update for Kerberos Microsoft has released an emergency security update to fix a Kerberos OOB vulnerability in Windows Server running Domain Controller services.  Anyone impacted by this vulnerability will not...

  • November 16, 2021

    Linux Vulnerabilities of the Week: November 15, 2021 1. Possible trojan source attacks in the Unicode Specification (through 14.0) Severity: Critical         CVSS Score: 9.8 This is a flaw in the way Unicode standards are implemented in the context of development...