TTCSIRT-309.041520: TT-CSIRT ADVISORY – INTEL RELEASES SECURITY UPDATES
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain escalation of privileges. TT-CSIRT encourages users and administrators to…
Read MoreTTCSIRT-308.041520: TT-CSIRT ADVISORY – ORACLE CRITICAL PATCH UPDATE
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous…
Read MoreTTCSIRT-307.041520: TT-CSIRT ADVISORY – VMWARE VREALIZE LOG INSIGHT VULNERABILITIES
Cross Site Scripting (XSS) and Open Redirect vulnerabilities exist in vRealize Log Insight due to improper Input validation; (CVE-2020-3953) and (CVE-2020-3954) respectively. VMware has evaluated the severity of these issues…
Read MoreTTCSIRT-306.041520: TT-CSIRT ADVISORY- ADOBE RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. TT-CSIRT encourages users and…
Read MoreCOVID-19 EXPLOITED BY MALICIOUS CYBER ACTORS
The United States Department of Homeland Security (DHS) Cyber security and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) did a joint alert talking to…
Read MoreTTCSIRT-305.041020: TT-CSIRT ADVISORY- XSS VULNERABILITY IN THE DASHBOARD NAME PARAMETER OF FortiADC
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter. Impact: Execute…
Read More