NSA-CISA Series on Securing 5G Cloud Infrastructures

Original release date: October 28, 2021The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G…

Comments Off on NSA-CISA Series on Securing 5G Cloud Infrastructures

Vulnerability Summary for the Week of October 18, 2021

Original release date: October 25, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- ops-cli Ops CLI version 2.0.4 (and earlier) is…

Comments Off on Vulnerability Summary for the Week of October 18, 2021

NOBELIUM Attacks on Cloud Services and other Technologies

Original release date: October 25, 2021Microsoft has released a blog on NOBELIUM attacks on cloud services and other technologies. CISA urges users and administrators to review [NOBELIUM targeting delegated administrative…

Comments Off on NOBELIUM Attacks on Cloud Services and other Technologies

Critical RCE Vulnerability in Discourse 

Original release date: October 24, 2021Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier. …

Comments Off on Critical RCE Vulnerability in Discourse 

Malware Discovered in Popular NPM Package, ua-parser-js

Original release date: October 22, 2021Versions of a popular NPM package named ua-parser-js was found to contain malicious code. ua-parser-js is used in apps and websites to discover the type…

Comments Off on Malware Discovered in Popular NPM Package, ua-parser-js

GPS Daemon (GPSD) Rollover Bug

Original release date: October 21, 2021Critical Infrastructure (CI) owners and operators, and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of…

Comments Off on GPS Daemon (GPSD) Rollover Bug

Cisco Releases Security Updates for IOS XE SD-WAN Software

Original release date: October 21, 2021Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Software. An authenticated local attacker could exploit this vulnerability to take control…

Comments Off on Cisco Releases Security Updates for IOS XE SD-WAN Software

Oracle Releases October 2021 Critical Patch Update

Original release date: October 19, 2021Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these…

Comments Off on Oracle Releases October 2021 Critical Patch Update