Author: DEFENDEDGE
-
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem. Read more
-
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Original release date: May 5, 2022 Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 and apply the necessary updates. For updates addressing lower severity vulnerabilities, see… Read more
-
Podcasts
Defending the Edge A Cyber Security Podcast Defending the Edge is a weekly cyber security podcast bringing you the updates that matter most to you in the cyber security domain. Join host Calvin Bryant and the Defend Edge team as they keep you informed on current cyber threats, hostile actors, and solutions, interview experts in… Read more
-
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10. Read more
-
F5 Releases Security Advisories Addressing Multiple Vulnerabilities
Original release date: May 4, 2022 F5 has released security advisories on vulnerabilities affecting multiple products, including various versions of BIG-IP. Included in the release is an advisory for CVE-2022-1388, which allows undisclosed requests to bypass the iControl REST authentication in BIG-IP. An attacker could exploit CVE-2022-1388 to take control of an affected system. CISA… Read more
-
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
A flaw in all versions of the popular C standard libraries uClibe and uClibe-ng can allow for DNS poisoning attacks against target devices. Read more
-
Vulnerability Summary for the Week of April 25, 2022
Original release date: May 2, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info jfinalcms_project — jfinalcms JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function. 2022-04-22 7.5 CVE-2022-27341 MISC link-admin_project — link-admin Link-Admin v0.0.1 was discovered to contain a SQL injection… Read more
-
Deep Dive: Protecting Against Container Threats in the Cloud
A deep dive into securing containerized environments and understanding how they present unique security challenges. Read more
-
Security Turbulence in the Cloud: Survey Says…
Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps. Read more
-
CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine
Original release date: April 28, 2022 CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware.… Read more