I have added a new section that is called Government/Regulation/Russia/Ukraine War related stories. These will be more those relating to the legal/law side of government stories, as well as those specifically around the Russian/Ukrainian War. News/Intelligence/IOCs Stories FBI Releases PIN on Phishing Campaign against U.S. Election Officials – LINK VMware Horizon platform pummeled by Log4j-fueled […]
LINK CVE-2022-0778 is found in OpenSSL versions 1.0.2, 1.1.1 and 3.0. Update to 1.0.2zd (for premium support customers), 1.1.1n and 3.0.2 Version 1.1.0 is also impacted, but it’s no longer supported and will not receive a patch. Exploitation of the vulnerability is possible in certain situations, and it can lead to a DoS attack against […]
LINK Not a vulnerability, but a news item. OpenSSL 3.0 has finally been released after 7-8 years of development. Its the successor to OpenSSL 1.1.1. Time to start investigating its usage.
LINK QNAP, similar to MANY other applications/devices are affected by the recent OpenSSL vulnerabilities that were announced back HERE. If you have IoT or devices that could potentially use some type of security tunneling like OpenSSL, examine if there is an update for you.
LINK OpenSSL updated their software to fix a high severity vulnerability. Time to take a look for OpenSSL users
LINK OpenSSL produced updates and are advising users to upgrade to version 1.1.1k
LINK The title says it all…get your patching teams ready.