Author: ContentCreator

  • Pulse Secure Releases Security Update for Pulse Secure Connect

    Original release date: August 6, 2021 Pulse Secure has released Pulse Secure Connect system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Pulse Secure’s Security Advisory SA44858 and apply the necessary update. This product is provided subject to this… Read more

  • Zoom Settlement: An $85M Business Case for Security Investment  

    Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. Read more

  • Auditors: Feds’ Cybersecurity Gets the Dunce Cap

    Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-.  Read more

  • VMware Releases Security Updates for Multiple Products

    Original release date: August 5, 2021 VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain access to confidential information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0016 and apply the necessary updates or workaround. This product is provided subject to this Notification and… Read more

  • CISA Releases Security Advisory for InterNiche Products

    Original release date: August 5, 2021 CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities in InterNiche products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Advisory ICSA-21-217-01 HCC Embedded InterNiche TCP/IP Stack NicheLite and apply the… Read more

  • Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say

    Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera. Read more

  • Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms

    A researcher was able to remotely control the lights, bed and ventilation in “smart” hotel rooms via Nasnos vulnerabilities. Read more

  • We COVID-Clicked on Garbage, Report Finds: Podcast

    Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020. Read more

  • CISA Releases Security Advisory for Swisslog Healthcare

    Original release date: August 3, 2021 CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems (PTS). An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Medical Advisory ICSMA-21-215-01 Swisslog Translogic… Read more

  • CISA and NSA Release Kubernetes Hardening Guidance

    Original release date: August 2, 2021 | Last revised: August 3, 2021 The National Security Agency (NSA) and CISA have released Kubernetes Hardening Guidance, a cybersecurity technical report detailing the complexities of securely managing Kubernetes—an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized applications.  This report describes the security challenges associated with… Read more