What is Vishing? Voice phishing, also known as vishing, is the practice of eliciting information or attempting to influence action via the telephone.(from hhs.gov site) Recently, a large U.S. company fell victim to a cyber attack that leveraged sophisticated phishing techniques involving phone calls to gain access to the victim organization. Phishing campaigns continue to … Read more
chrome has a new security update according to CISA(Cybersecurity and Infrastructure Security Agency) post: Google has released Chrome version 103.0.5060.114 for Windows. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Official Google update: https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html This update includes 4 security fixes. Below, we highlight fixes that were contributed … Read more
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following information which is important. CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ Affected VMware Products and Versions Severity is critical unless otherwise noted. … Read more
Do you have an APC UPS(Uninterruptible Power Supply)? (Image above from Armis Research) I do not know which devices actually have these vulnerabilities, assuming Armis research is correct then it may be all devices that connect to the cloud. Armis Research found some vulnerabilities: Armis has discovered a set of three critical vulnerabilities in APC … Read more
From Brian Krebs’ KrebsonSecurity website: On Jan. 19, the ICRC disclosed the compromise of servers hosting the personal information of more than 500,000 people receiving services from the Red Cross and Red Crescent Movement. The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people … Read more