TTCSIRT-313.050420: TT-CSIRT ADVISORY – SUSE SECURITY UPDATE FOR APACHE2
Suse has released security update for Apache2 to address three vulnerabilities such as CVE-2020-1927, CVE-2020-1934 and CVE-2020-1938. This update fixes the following issues: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect…
Read MoreTTCSIRT-312.050420: TT-CSIRT ADVISORY – VMWARE ESXI STORED CROSS-SITE SCRIPTING (XSS) VULNERABILITY
A Stored Cross-Site Scripting (XSS) vulnerability in VMware ESXi was privately reported to VMware. Patches are available to address this vulnerability in affected VMware products. VMware ESXi patches address Stored…
Read MoreTTCSIRT-311.050420: TT-CSIRT ADVISORY – AUTHENTICATION BYPASS IN FORTIMAIL AND FORTIVOICE ENTERPRISE
An improper authentication vulnerability in FortiMail and FortiVoiceEntreprise may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user…
Read MoreIC3 RELEASES ALERT ON EXTORTION EMAIL SCAMS
The Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams during the current “stay-at-home” orders due to the COVID-19 crisis. Cyber…
Read MoreGUIDANCE ON THE NORTH KOREAN CYBER THREAT
The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat…
Read MoreTTCSIRT-310.041520: TT-CSIRT ADVISORY – MICROSOFT RELEASES APRIL 2020 SECURITY UPDATES
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. TT-CSIRT encourages users…
Read More