TTCSIRT-387.01.14.21:TTCSIRT ADVISORY – Microsoft Releases January 2021 Security Updates

TTCSIRT-387.01.14.21:TTCSIRT ADVISORY – Microsoft Releases January 2021 Security Updates

Please be advised that Microsoft has released January 2021 Security Updates which prevents remote attackers from exploiting vulnerabilities to gain control of affected systems. The following software will be updated: Microsoft Windows Microsoft Edge (EdgeHTML-based) Microsoft Office and Microsoft Office Services and Web Apps Microsoft Windows Codecs Library Visual Studio SQL Server Microsoft Malware Protection […]

TTCSIRT-386.12.14.20:TTCSIRT ADVISORY – SUNBURST BACKDOOR

FireEye has uncovered a widespread campaign that they are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world. They gained access to victims via trojanized updates to SolarWind’s Orion IT monitoring and management software. FireEye stated that this campaign may have begun as early as […]

TTCSIRT-384.12.07.20: TT-CSIRT ADVISORY – Cisco Security Advisory for Vulnerability in AnyConnect

Cisco has released a security advisory on an Arbitrary Code Execution vulnerability—CVE-2020-3556—affecting Cisco AnyConnect Secure Mobility Client devices. A remote attacker could exploit this vulnerability to take control of an affected system. It is encouraged that users and administrators to review and apply the necessary updates or workarounds. For further information and support, please visit the following link:Cisco […]

TTCSIRT-383.12.07.20: TT-CSIRT ADVISORY – Apache Releases Security Advisory for Apache Tomcat

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition. It is encouraged that users and administrators review the Apache security advisory and upgrade to the appropriate version. Please visit the link below for further support:CVE-2020-17527

TTCSIRT-379.11.25.20: TT-CSIRT ADVISORY – VMware Releases Workarounds for CVE-2020-4006

VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. It is encouraged, users and administrators review VMware Security Advisory and apply the necessary workarounds. For further information, please visit the link below:VMSA-2020-0027

TTCSIRT-378.11.17.20: TT-CSIRT ADVISORY – Cisco Releases Security Updates for Security Manager

Cisco has released security updates to address vulnerabilities in Cisco Security Manager. A remote attacker could exploit these vulnerabilities to obtain sensitive information. It is encouraged that users and administrators, review the following Cisco Security Advisories and apply the necessary updates. Cisco Security Manager Path Traversal Vulnerability cisco-sa-csm-path-trav-NgeRnqgR Cisco Security Manager Static Credential Vulnerability cisco-sa-csm-rce-8gjUz