Security

Number: AV22-449Date: 10 August 2022 On 9 August 2022, HPE published Security Bulletins to address vulnerabilities in the following products: HPE ProLiant – multiple versions and platforms HPE Synergy 480 Gen10 Plus Compute Module – versions prior to 1.62_07-14-2022 The Cyber Centre encourages users and administrators to review the provided web link and apply the […]

August 2022 | Awareness series The world we live in is being transformed by Artificial Intelligence (AI). This developing technology uses intelligent computer programs (i.e. learning algorithms) to find complex patterns in data to make predictions or classifications. AI is used today to perform specific tasks, such as to use facial recognition to access your mobile device […]

Step 1: The bait The scammer tailors a message to look like a legitimate one from a major bank or service. Using spoofing techniques the message is sent to numerous recipients in the hope that some will take the bait and fall for the scam. In phishing and whaling attacks, the scammer first gathers details […]

Number: AV22-448Date: 9 August 2022 On 9 August 2022, Microsoft published Security Updates to address vulnerabilities in multiple products. Included were critical updates for the following: Azure Batch – versions prior to 1.9.27 Microsoft Exchange Server – multiple versions Windows 11 Windows 10 – multiple versions Windows 8.1 – multiple versions Windows 7 Windows Server […]

Number: AV22-447Date: 9 August 2022 On 9 August 2022, Citrix published a Security Bulletin to address a vulnerability in the following product: Citrix Hypervisor 7.1 LTSR CU2 The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates. Source link

Number: AV22-438Date: 8 August 2022 Between 1 and 7 August 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following: IBM DRM – version 2.0.6.13 IBM Sterling B2B Integrator – version 6.0.0.0 to 6.0.3.6, 6.1.0.0 to 6.1.0.5 and 6.1.1.1 IBM Sterling File Gateway – version 6.0.0.0 to […]

Number: AV22-437Date: 8 August 2022 On 5 August 2022 Microsoft published a Security Update to address vulnerabilities in the following product: Microsoft Edge – versions prior to 104.0.1293.47 The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update. Source link

DNS security (DNSSEC) DNSSEC is a method of improving data integrity and authentication security. DNSSEC secures data exchanged in DNS and helps protect sensitive information stored in your DNS records. It provides cryptographic authentication of DNS data. It also provides authenticated denial of existence by allowing a DNSSEC-enabled resolver to confirm that a particular domain […]

August 2022 | Management series Foreword This document is an unclassified publication that is part of a suite of documents that focus on each of the top 10 IT security actions recommended in ITSM.10.089 Top 10 Information Technology Security Actions to Protect Internet Connected Networks and InformationFootnote 1. Effective date This publication takes effect on August 5, […]

This article talks about Trivy, which is a simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for Continuous Integration and Testing. Table of Contents Introduction Installation Scanning Git Repository Scanning Container Image Scanning Filesystem Scanning the running Containers Embed Trivy in Dockerfile Introduction Trivy is an open-source tool by aqua security to […]

Number: AV22-435Date: 4 August 2022 On 4 August 2022 ICS-CERT published an ICS Advisory to highlight a vulnerability in the following product: Digi ConnectPort X2D Gateway – all firmware versions manufactured prior to January 2020 Exploitation of this vulnerability could lead to arbitrary code execution. The Cyber Centre encourages users and administrators to review the […]

Number: AV22-434Date: 3 August 2022 On 3 August 2022 Cisco published Security Advisories to address vulnerabilities in multiple products. Included were critical updates for the following: Cisco Small Business RV Series Routers – multiple versions and platforms Exploitation of these vulnerabilities could lead to arbitrary code execution or cause a denial of service. The Cyber […]