The newest Patch Tuesday features a repair for the beforehand disclosed and actively exploited distant code execution flaw in MSHTML. The arrival of the second Tuesday of the month can solely imply one factor in cybersecurity phrases, Microsoft is rolling out patches for safety vulnerabilities in Windows and its other offerings. This time spherical Microsoft’s Patch […]
Microsoft on Tuesday addressed a quartet of safety flaws as a part of its Patch Tuesday updates that might be abused by adversaries to focus on Azure cloud prospects and elevate privileges in addition to enable for distant takeover of weak programs. The listing of flaws, collectively referred to as OMIGOD by researchers from Wiz, […]
Google on Monday launched safety updates for Chrome internet browser to handle a complete of 11 safety points, two of which it says are actively exploited zero-days within the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Listed […]
A set of latest safety vulnerabilities has been disclosed in business Bluetooth stacks that would allow an adversary to execute arbitrary code and, worse, crash the gadgets through denial-of-service (DoS) assaults. Collectively dubbed “BrakTooth” (referring to the Norwegian phrase “Brak” which interprets to “crash”), the 16 safety weaknesses span throughout 13 Bluetooth chipsets from 11 […]
Community-attached storage (NAS) equipment maker QNAP mentioned it is currently investigating two just lately patched safety flaws in OpenSSL to find out their potential affect, including it’ll launch safety updates ought to its merchandise change into susceptible. Tracked as CVE-2021-3711 (CVSS rating: 7.5) and CVE-2021-3712 (CVSS rating: 4.4), the weaknesses concern a high-severity buffer overflow […]
U.S. expertise agency Kaseya has released safety patches to deal with two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity resolution that might lead to privilege escalation and authenticated distant code execution. The 2 weaknesses are a part of a trio of vulnerabilities found and reported by researchers on the Dutch Institute for Vulnerability […]
VMware on Wednesday shipped security updates to handle vulnerabilities in a number of merchandise that could possibly be probably exploited by an attacker to take management of an affected system. The six safety weaknesses (from CVE-2021-22022 by way of CVE-2021-22027, CVSS scores: 4.4 – 8.6) have an effect on VMware vRealize Operations (previous to model […]
The U.S. Cybersecurity and Infrastructure Safety Company is warning of energetic exploitation makes an attempt that leverage the most recent line of “ProxyShell” Microsoft Change vulnerabilities that have been patched earlier this Could, together with deploying LockFile ransomware on compromised methods. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities allow adversaries to bypass ACL controls, […]
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software program improvement kits (SDKs) accompanying its WiFi modules, that are utilized in virtually 200 IoT units made by at the least 65 distributors. The issues, which have an effect on Realtek SDK v2.x, Realtek “Jungle” SDK v3.0/v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek “Luna” SDK as […]
Safety researchers have disclosed as many as 40 completely different vulnerabilities related to an opportunistic encryption mechanism in mail purchasers and servers that would open the door to focused man-in-the-middle (MitM) assaults, allowing an intruder to forge mailbox content material and steal credentials. The now-patched flaws, recognized in varied STARTTLS implementations, have been detailed by […]
Colin has extensive knowledge of Cyber Security and technology. He keeps up to date with the industry and has a genuine interest in IT. He approaches tasks with a positive attitude which leads to great solutions.
Colin is the most knowledgeable and trustworthy individual you could meet. What better attributes could you ask for from someone in cyber security. He is smart, insightful and helpful to a fault as well as being a true gentleman. I cannot recommend him highly enough.
Colin is a fantastic coach and is a very good listener