LINK As stated above, if you have Firefox or Thunderbird, upgrade now.
LINK Apache Tomcat did not correctly parse the HTTP transfer-encoding request header in some circumstances, leading to the possibility of request smuggling when used with a reverse proxy. Specifically: Tomcat incorrectly ignored the transfer-encoding header if the client declared it would only accept an HTTP/1.0 response; Tomcat honoured the identity encoding; and Tomcat did not ensure that, if present, the […]
LINK A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
LINK Mitsubishi Electric released some new updates for AC systems. Take a look if you have them.
LINK SolarWinds Serv-U FTP software has been found to have a Remote memory escape – if you use Serv-U, time to update it.
City of Joplin, Missouri – unspecified security event
CNA (insurance) – ransomware
Above is a list of companies I have information for that have confirmed some sort of breach (it's obviously not complete since most never report anything, just what I hear about). Note: This is going to be a new type of post – will […]
LINK Essentially, they are saying the patch was released as it was meant to be installed, but additional actions are required for registry changes that set Point and Print to an insecure configuration. In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings. After applying the security update, review the registry settings […]
LINK This is simply a very interesting endeavor, and I would like to see how it evolves.
Morgan Stanley (brokerage firm) – Accellion FTA breach including PII
Above is a list of companies I have information for that have confirmed some sort of breach (it's obviously not complete since most never report anything, just what I hear about). Note: This is going to be a new type of post – will only happen […]
LINK Very interesting, take a look.