OpenSubtitles (popular online subtitles site) – almost 7 million users info Above is a list of Companies I have information for that have confirmed some sort of Breach (its obviously not complete since most never report anything, just what I hear about) Note: This is going to be a new type of post – will only […]
LINK This will be hugely helpful as many exploit kits, including Emotet use this
LINK The four added are CVE Number CVE Title Required Action Due Date CVE-2006-1547 Apache Struts 1 ActionForm Denial of Service Vulnerability 07/21/2022 CVE-2012-0391 Apache Struts 2 Improper Input Validation Vulnerability 07/21/2022 CVE-2018-8453 Microsoft Windows Win32k Privilege Escalation Vulnerability 07/21/2022 CVE-2021-35247 SolarWinds Serv-U Improper Input Validation Vulnerability 02/04/2022 The download for the full CSV is […]
LINK Looks like this is in the McAfee Update Agent.
LINK F5 has published a list of vulnerabilities. If you have F5 devices, time to address them.
LINK Time to update Google Chrome again
Crypto.com (cryptocurrency trading site) – 483 large customers data and currency withdrawn\ Red Cross (humanitarian organization) – half a million users PII exfiltrated R.R. Donnelly (integrated services company) – unspecified intrusion Above is a list of Companies I have information for that have confirmed some sort of Breach (its obviously not complete since most never […]
LINK It is not easy to be concise in listing VMware products affected by Log4j. So goto the link above for details.
LINK Time to look again if you have Cisco products in your network, including Webex.
LINK Google Project Zero has identified 2 Critical and High rated Vulnerabilities in Zoom Clients and Zoom MMR systems. Patches were released by the Vendor.