Summary Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781. On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0.On January 22, 2020, Citrix released security updates for vulnerable SD-WAN WANOP appliances.On January 23, 2020, Citrix released firmware updates for Citrix Read more about AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP[…]
The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and users to review NSA’s guidance on Mitigating Cloud Vulnerabilities and CISA’s page on APTs Read more about NSA Releases Guidance on Mitigating Cloud Vulnerabilities[…]
Adobe released a few security updates to address vulnerabilities in Experience Manager, Acrobat Reader, Acrobat Writer, and Download Manager on October 15, 2019. Any attacker can use these vulnerabilities to take control and attack the systems because Adobe products have free/open access to critical system resources. CDSBureau recommends its readers to evaluate the following Adobe Read more about Adobe releases a few security updates[…]
Thousands of computers got infected with WannaCry 2.0/WannaCrypt ransomware on Friday May 12, 2017. This attack is still under progress. Why is it worst? This is one of the worst cyber ransomware attacks that infects the Windows based computers that are not patched with the EternalBlue Windows patch released in March 2017. This ransomware does Read more about How to Avoid WannaCrypt or WannaCry 2.0 Ransomware Attack?[…]
Adobe has released security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-32 (external link) and APSB16-34 (external link) and apply the Read more about Adobe releases security updates – update your systems asap Oct 13, 2016[…]
Microsoft has released 10 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-118 through MS16-127 (external link) and apply the necessary updates. Read more.
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates. More info.
Google has released Chrome version 54.0.2840.59 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases (link is external) page and apply the necessary update.
An organization that handles customer or employee confidential data must protect all stages of confidential data life cycle. Data theft can happen at any stage of the life cycle. The following are the various data life cycle stages. Data gathering Data transmission Data storage Data purge 1. Data gathering: Organization gathers data through physical forms Read more about How to handle your customer or employee’s confidential data?[…]