OpenSSL fix NOT Critical but High vul
So the latest OpenSSL version in the 3.0 release has a fix which is version 3.0.7 which will address a critical vulnerability in the 3.x versions. (so if you are…
What Happens When MFA is Hacked? Phishing is Accurate & Effective
We learned that MFA or 2FA (Multi or Two factor Authentication) is better than just a username and password to authenticate as all security people keep drumming into everyone right?…
Vishing Attacks on The Rise
What is Vishing? Voice phishing, also known as vishing, is the practice of eliciting information or attempting to influence action via the telephone.(from hhs.gov site) Recently, a large U.S. company…
Security Update for Chrome
chrome has a new security update according to CISA(Cybersecurity and Infrastructure Security Agency) post: Google has released Chrome version 103.0.5060.114 for Windows. This version addresses vulnerabilities that an attacker could…
Another Vulnerability in a Cloud Framework
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following information which…