Highlights and Updates

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

Tuesday, 11th February 2020

SeveralCisco-manufactured network equipments have been found vulnerable to five newsecurity vulnerabilities that could allow hackers to take complete control overthem, and subsequently, over the enterprise networks they power.

Critical Citrix RCE Flaw Still Threatens 1,000s of Corporate LANs

Monday, 10th February 2020

RCE and myriad other types of attacks could take aim at the 19 percent ofvulnerable companies that havenít yet patched CVE-2019-19781. Read More


Android's February 2020 Update Patches Critical System Vulnerabilities

Wednesday, 5th February 2020

Google this week released the February 2020 set of securityupdates for the Android operating system, which address a total of 25vulnerabilities, including 2 rated critical severity.

Both of these critical flaws were found in Androidís Systemcomponent and both are patched on all devices running the 2020-02-01security patch level.

Tracked as CVE-2020-0022, the first of these bugs is a remotecode execution vulnerability that is considered critical onlyon Android 8.0, 8.1, and 9 devices. On Android 10, it can only lead to adenial-of-service condition, being considered moderate severity.

Coronavirus Campaigns Spread Emotet, Malware

Thursday, 30th January 2020

Asthe coronavirus originating in the Wuhan province of China continues to stir widespread fears abouta global public health crisis, some see an opportunity in the outbreak. Arecent spate of malicious, botnet-driven emails is using the coronavirus as atheme, according to telemetry from IBM X-Force and Kaspersky.

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers

Tuesday, 28th January 2020

Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure.

Azure App Service is a fully-managed integrated service that enables users to create web and mobile apps for any platform or device, and easily integrate them with SaaS solutions, on-premises apps to automate business processes.

Cisco Releases Security Updates

Thursday, 23rd January 2020

Cisco has released updatesto address vulnerabilities affecting multiple products. A remote attacker couldexploit some of these vulnerabilities to take control of an affected system.For updates addressing lower severity vulnerabilities, see the Cisco SecurityAdvisories page.


Samba Releases Security Updates

Wednesday, 22nd January 2020

The Samba Team has releasedsecurity updates to address vulnerabilities in multiple versions of Samba. Anattacker could exploit one of these vulnerabilities to take control of anaffected system.

We encourage users andadministrators to review the Samba Security Announcements for CVE-2019-14902,CVE-2019-14907, and CVE-2019-19344 and apply the necessary updates and workarounds.

Oracle Releases January 2020 Security Bulletin

Wednesday, 15th January 2020

Oracle has released itsCritical Patch Update for January 2020 containing 334 new security patches toaddress vulnerabilities across multiple products. A remote attacker couldexploit some of these vulnerabilities to take control of an affected system.

We encourage users andadministrators to review the Oracle January 2020 Critical Patch Update andapply the necessary updates.

VMware Releases Security Update

Tuesday, 14th January 2020

VMware has released asecurity update to address a vulnerability in VMware Tools. An attacker couldexploit this vulnerability to take control of an affected system.

We encourage users andadministrators to review VMware Security Advisory VMSA-2020-0002 and apply thenecessary update.

Adobe Releases Security Updates

Tuesday, 14th January 2020

Adobe has released security updates to addressvulnerabilities in Illustrator CC and Experience Manager. An attacker couldexploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review AdobeSecurity Bulletins APSB20-03 and APSB20-01 and apply the necessary updates.