LINK SentinalLabs identified a new vulnerability utilizing the Windows RPC Protocol to take advantage of NTLM.
All, I went on vacation with the wife for 7 days. I completely neglected to get the site updated. This wont happen again. I will figure a way to blog new items myself or have someone else fill in for me next time.
LINK Well, its not exactly a security issue I highlight usually. But I wanted to make sure it was shourted out that Firefox is disabling and then removing the FTP functionality from Mozilla Firefox soon
LINK Juniper devices running the JunOS have been found to contain a vulnerability in the base OS
LINK – LINK Multiple vulnerabilities were found in the EtherNet/IP Stack that is typically used in Industrial Systems)
LINK Interesting that Google has changed the timeline of notifying organizations of vulnerabilities in projects to 30 days instead of 90 days.
LINK The following apps have been found to be affected by vulnerabilities in how URL’s are passed, handled, validated. Nextcloud – Fixed in version 3.1.3 of Desktop Client released on February 24 (CVE-2021-22879) Telegram – Issue reported on January 11 and subsequently fixed via a server-side change on (or slightly before) February 10 VLC Player – Issue […]
LINK In recent news we now found out the FBI actually were connecting (with a court order) to networks affected by the Exchange hacks and fixing issues (removing webshell’s put on by the attackers). I am speechless as to this activity, similar to Bruce.
LINK As far as it looks, the old Legacy Edge browser on Windows will formally be removed and replaced with the newer Chromium Edge. So make sure you are aware…
LINK As always SAP released new Monthly updates to address vulnerabilities it found. Some are CVSS of 10 so if you have SAP, you need to address this IMMEDIATELY.