Hello all, The Red-N Weekly Security newsletter is below the callouts below. Notable callouts this week include: Also in this week’s issue are several links about cyber insurance. Remember, the second rat gets the cheese. In security, you cannot rest on your laurels. If you catch one, others are already vying…
Hello all,A few of the notable call-out’s from this week’s report (found below this introduction) are: Having up to date, monitored and effective internet security is sort of like owning a snow-blower in Buffalo NY. It doesn’t do much for you most of the time, but when you need it, boy…
Hello all, A few of the notable call-out’s from this week’s report (found below this introduction) are: I just read an interesting article that said Turkeys are notoriously difficult to hunt. They are well camouflaged and are “the smartest and wariest creatures in the woods”. This Thanksgiving, make sure your network…
A few of the notable call-out’s from this week’s report are: Research shows that criminals avoid homes that have CCTV and/or yappy dogs. Make sure that your network is being watched and has some yappy dogs running around in them. Send the criminals looking for an easier target. Praying you have…
For a PDF version of this week’s report, click here.
ConnectWise patched a critical RCE vulnerability in Recover and R1Soft Server Backup Manager Google fixes seventh Chrome zero-day exploited in attacks this year Atlassian Jira Align, Version 10.107.4 Vulnerability Advisory Apple fixes new zero-day used in attacks against iPhones, iPads, and iPods – check here for your particular version Stranger Strings:…
Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text (Text4Shell) Our new scanner for Text4Shell – Silent Signal Techblog – Scanner on Github Vulnerabilities in Cisco Identity Services Engine require your attention Heat left by users’ fingertips could help hackers crack passwords Microsoft’s out-of-date driver list left…
Microsoft October 2022 Patch Tuesday fixes two zero-days, 1 used in attacks, 84 flaws, 13 of which are critical The October 2022 Exchange SUs do not contain fixes for the zero-day vulnerabilities reported on September 29, 2022 Windows 11 KB5018427 update released with 30 bug fixes, improvements Aruba fixes critical RCE…
Fortinet warns admins to patch critical auth bypass bug immediately Updated information: Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Steam Gaming Phish Showcases Browser-in-Browser Threat ‘IT security issue’ impacts multiple hospitals across several states Microsoft investigates Windows 11 22H2 Remote Desktop issues Lloyd’s of London investigates and responds…
Two Zero-Day Microsoft Exchange vulnerabilities without a patch are being exploited – mitigation steps published Microsoft Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Critical Remote Hack Flaws Found in Dataprobe’s Power Distribution Units WhatsApp 0-Day Bug Let Hackers Execute a Code & Take Full App Control Remotely Don’t…
Critical Flaws in Airplanes WiFi Access Point Let Attackers Gain Root Access Windows 11 22H2 is released, here are the new features Recent Windows 11 update apparently causing various issues due to Core Isolation (VBS) Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access LockBit ransomware builder leaked online by “angry…
Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws Windows 10 Update KB5017308 causes issues when creating/copying files via GPO Microsoft issues critical security updates as PCs attacked through zero-day flaw Microsoft issues patch for serious security vulnerability affecting everything from Windows 7 to Windows 11 Cisco released…