VLCM Blogs - Learn How To Get IT Right

VLCM Cybersecurity Alerts - April 12, 2019

Written by Dan Schuyler | Apr 12, 2019 6:43:23 PM

Updates, vulnerabilities, and patches - oh my! The ever-evolving world of cybersecurity updates can be a difficult road to navigate but leaving your systems vulnerable can bring a whole host of undesired problems. VLCM Cybersecurity team to the rescue! To help you stay on top of the latest cybersecurity news each week, VLCMs cybersecurity experts are curating the top cybersecurity alerts you need to be aware of.

VMware Releases Security Updates

April 12, 2019

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0006 and apply the necessary updates.

 

Vulnerability in Multiple VPN Applications

April 12, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#192371 for more information and refer to vendors for appropriate updates, when available.

 

Juniper Networks Releases Multiple Security Updates

April 10, 2019

Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisories web page and apply the necessary updates.

 

North Korean Malicious Cyber Activity

April 10, 2019

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-8 and the page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.

 

Adobe Releases Security Updates

April 09, 2019

Adobe has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Adobe Security Bulletins and Advisories page and apply the necessary updates.

 

Microsoft Releases April 2019 Security Updates

April 09, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s April 2019 Security Update Summary and Deployment Information and apply the necessary updates.

 

Intel Releases Security Updates, Mitigations for Multiple Products

April 09, 2019

Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel Security Advisories and apply the necessary updates and mitigations:

INTEL-SA-00201
INTEL-SA-00236
INTEL-SA-00238
INTEL-SA-00239