Welcome to our blog where will endeavour to keep you up to date with national and international security alerts of all types. Whether it’s software updates or scams that can be happening near you.
We follow international alerts from several agencies so we can stay on top of whats going on in the cyber world, and receive new information regularly, normally daily but sometimes hourly.
Sometimes we also find out several software issues ourselves when working on systems for our end users, business and consumer alike. Sometimes it can happen purely by mistake. other times it slaps you in the face, HARD.
One thing I would like to say is that you should always BACK UP important information no matter what you use your devices for. If you get exploited or infected your DATA is your most important thing, make sure you have saved it, preferably to a different device or online and encrypted.
April brought with it more updates and patches for all of your favourite software and devices. Also there have been some awareness campaigns on keeping your eyes open for the fraudsters out there.
April 30th was a late night update from the techs at google. Google has released Chrome version 74.0.3729.131 for Windows, Mac, and Linux. This version addresses two vulnerabilities, one of which an attacker could exploit to take control of an affected system. For more info check out the blog here
On the 26th April; Oracle has released a security alert to address a vulnerability in WebLogic. A remote attacker could exploit this vulnerability to take control of an affected system. You can view more nformation on the Center for Internet Security here
Drupal also released updates and fixes for its products and greater information can be seen reading from their website through the links provided. This Drupal core advisory gives information on a moderate issue, while this link provides information on cross site scripting. Read and take notice if you use Drupal!
Cisco also released updates for its IOS software, if you are a Cisco engineer then you probably already know this, if not then read on and follow the link. Cisco IOS XR 64-Bit Software for Cisco ASR 9000 Series Aggregation Services Routers has a vulnerability which is adressed here so be sure to read all the way through and follow the workarounds as suggested.
Broadcom also have seen issues with their WiFi chipset drivers, this could affect anyone who has a broadcom wireless device in their system. We suggest that you check your device manager and see what WiFi Chipset your device uses. When you have this information you can check this link to see if your card is affected.
March saw some interesting updates and some are listed below, It’s always worth a read through as it may be that somehow you have missed one!
March 26th 2019, ASUS have released an update for their Live Update software. It has been found that there is vulnerabilities in the software that will allow a hacker to take control of affected systems. If you are using ASUS Live Update then please ensure you have gone to their website and downloaded the update.
https://www.asus.com/support/Download-Center/
Release date 25th March.
2019 Mozilla released an update for Thunderbird mail client, more details can be found at this link here; https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/#CVE-2019-9813 an attacker could exploit this vulnerability on an affected system and cause issues.
25th March 2019
Apple released multiple updates across devices as listed;
- iCloud for Windows 7.11
- iTunes 12.9.4 for Windows
- Safari 12.1
- macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- tvOS 12.2
- Xcode 10.2
- iOS 12.2
Follow the links in each description to find out more information on each update, and be sure to update your software.
Thank you for reading our first installation of security alerts, we intend to keep adding information to this page. As we progress we will try to add more information and even maybe share some code to help. Stay alert and stay safe.