CISA has added another 13 vulnerabilities that are actively being exploited. This list is at the bottom and Complete CSV is listed HERE CVE Number CVE Title Remediation Due Date CVE-2021-44228 Apache Log4j2 Remote Code Execution Vulnerability 12/24/2021 CVE-2021-44515 Zoho Corp. Desktop Central Authentication Bypass Vulnerability 12/24/2021 CVE-2021-44168 Fortinet FortiOS Arbitrary File Download Vulnerability 12/24/2021 […]
LINK I thought this was well written. I suggest taking a look on vulnerability scanning and the frequency of the scanning.
LINK The Understanding Cybersecurity of Mobile Networks Act, sponsored by Reps. Anna Eshoo (D-CA) and Adam Kinzinger (R-IL), requires the NTIA to examine the cybersecurity of mobile service networks and vulnerability to cyber attacks. The measure, which was first introduced in the House in April, 2021, was met with near unanimous approval. A second passed […]
LINK In a huge surprise to us all, consumer routers are garbage. How do we tolerate this?
LINK VE Number CVE Title Remediation Due Date CVE-2020-11261 Qualcomm Multiple Chipsets Improper Input Validation Vulnerability 06/01/2022 CVE-2018-14847 MikroTik Router OS Directory Traversal Vulnerability 06/01/2022 CVE-2021-37415 Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability 12/15/2021 CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF) 12/15/2021 CVE-2021-44077 Zoho ManageEngine ServiceDesk Plus Remote Code Execution 12/15/2021 Here is the actual list […]
LINK The weekly rundown from CISA on Vulnerabilities. Take time to look at the list.
LINK I liked this article at Security Affairs. 80% of honeypots were compromised in 24 hours…wow
LINK Note if you are a Service Provider, you are part of the Supply Chain to the many companies that you support.
LINK FatPipe released a patch and security advisory, FPSA006, on November 16, 2021, that fixes the vulnerability. All FatPipe WARP, MPVPN, and IPVPN device software prior to releases 10.1.2r60p93 and 10.2.2r44p1 are vulnerable. The security advisory and additional details are available at the following URL: https://fatpipeinc.com/support/cve-list.php.