What if you have software with a vulnerability that will not be patched? What does this mean? RCE means Remote Code Execution which means the attacker does not have to be on the system to exploit it (this is the most dangerous attack). If you are running Horde webmail to check your email – … Read more
Tips and tricks against a phishing cyberattack is what we need if 80% of all cyberattacks are Phishing email is a lie – attempts to get you to click on a link —– The Code in the link does not go where it says Email tries to trick you into acting fast – so as … Read more
why is the defense always behind? Are there some things that we inherently do not like to do?If there is something that is denying us from doing what is necessary to create a good defense then we have to be mindful of these actions – let’s review some Catch22 items. Let’s face it … Read more
So I got this text the other day: Text from unknown number(spoofed anyway no need to put from number it is false – also I modified the link so others will not be able to go to it: WALMART is starting an exceptionally huge research project in your area. This project happens each week, so … Read more
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following information which is important. CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ Affected VMware Products and Versions Severity is critical unless otherwise noted. … Read more
