Dirty Pipe Privilege Escalation Vulnerability in Linux

Original release date: March 10, 2022CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit…

Comments Off on Dirty Pipe Privilege Escalation Vulnerability in Linux

Updated: Conti Ransomware

Original release date: March 9, 2022CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti…

Comments Off on Updated: Conti Ransomware

SAP Releases March 2022 Security Updates

Original release date: March 8, 2022SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off on SAP Releases March 2022 Security Updates

Microsoft Releases March 2022 Security Updates

Original release date: March 8, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an…

Comments Off on Microsoft Releases March 2022 Security Updates

Vulnerability Summary for the Week of February 28, 2022

Original release date: March 7, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info jetbrains -- teamcity In JetBrains TeamCity before 2021.1.4, GitLab authentication…

Comments Off on Vulnerability Summary for the Week of February 28, 2022

CISA Adds 11 Known Exploited Vulnerabilities to Catalog 

Original release date: March 7, 2022CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in…

Comments Off on CISA Adds 11 Known Exploited Vulnerabilities to Catalog 

Mozilla Releases Security Updates for Multiple Products

Original release date: March 7, 2022Mozilla has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system.    CISA encourages…

Comments Off on Mozilla Releases Security Updates for Multiple Products

NSA Releases Network Infrastructure Security Guidance

Original release date: March 3, 2022The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the…

Comments Off on NSA Releases Network Infrastructure Security Guidance

CISA Adds 95 Known Exploited Vulnerabilities to Catalog

Original release date: March 3, 2022CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…

Comments Off on CISA Adds 95 Known Exploited Vulnerabilities to Catalog