chrome has a new security update according to CISA(Cybersecurity and Infrastructure Security Agency) post: Google has released Chrome version 103.0.5060.114 for Windows. This version addresses vulnerabilities that an attacker could…
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following…
Do you have an APC UPS(Uninterruptible Power Supply)? (Image above from Armis Research) I do not know which devices actually have these vulnerabilities, assuming Armis research is correct then it…
From Brian Krebs’ KrebsonSecurity website: On Jan. 19, the ICRC disclosed the compromise of servers hosting the personal information of more than 500,000 people receiving services from the Red Cross…
Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the…
