LINK If you use VMware View Planner, time to update.
Tag: securitythreatnews
Cisco releases Updates
LINK Multiple Cisco Products Snort Ethernet Frame Decoder Denial of Service Vulnerability
New Chrome Zero Day being used – Update Chrome Now
LINK Google has released new updates for Chrome to combat a new Zero-Day vulnerability being actively utilized online. Patch asap.
Microsoft releases Emergency Patch for Zero Day in Exchange – Patch Now
LINK Microsoft has released an emergency patch for Exchange. Patch now!
RYUK now has worm-like capabilities
LINK Ryuk Ransomware now has a new component that allows it to self replicate via SMB shares.
Apache Tomcat Release
LINK Apache Tomcat released an update: Time to update CVE-2021-25122 h2c request mix-up Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.0 Apache Tomcat 9.0.0.M1 to 9.0.41 Apache Tomcat 8.5.0 to 8.5.61 Description: When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount […]
Zero Trust Model
LINK to a NSA PDF doc I suggest everyone who is not read up on this, read this document. The Zero Trust Security Model as written is a set of principles that should be applied to access/assets/services/processes/etc. A good document to live by.
Mozilla and Thunderbird release updates
LINK As usual, Mozilla foundation releases some needed updates. Goto the CISA link above for them all.