Microsoft Releases January 2022 Security Updates

Original release date: January 11, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off on Microsoft Releases January 2022 Security Updates

AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication.…

Comments Off on AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Vulnerability Summary for the Week of January 3, 2022

Original release date: January 10, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info beyondtrust -- appliance_base_software BeyondTrust Secure Remote Access Base Software through…

Comments Off on Vulnerability Summary for the Week of January 3, 2022

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

Original release date: January 10, 2022CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the…

Comments Off on CISA Adds 15 Known Exploited Vulnerabilities to Catalog

Vulnerability Summary for the Week of December 27, 2021

Original release date: January 4, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to…

Comments Off on Vulnerability Summary for the Week of December 27, 2021

Vulnerability Summary for the Week of December 20, 2021

Original release date: December 27, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- dimension Adobe Dimension versions 3.4.3 (and earlier) is…

Comments Off on Vulnerability Summary for the Week of December 20, 2021

Apache Releases Security Update for HTTP Server

Original release date: December 22, 2021The Apache Software Foundation has released Apache HTTP Server 2.4.52. This version addresses vulnerabilities—CVE-2021-44790 and CVE-2021-44224—one of which may allow a remote attacker to take…

Comments Off on Apache Releases Security Update for HTTP Server

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for…

Comments Off on AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities