You might be interested in …

[HackerNews] Patching the CentOS 8 Encryption Bug is Urgent – What Are Your Plans?

All posts, HackerNews

There are three things you can be sure of in life: death, taxes – and new CVEs. For organizations that rely on CentOS 8, the inevitable has now happened, and it didn’t take long. Just two weeks after reaching the official end of life, something broke spectacularly, leaving CentOS 8 users at major risk of a severe […]

Read More

[NCSC-FI News] Critical Sophos Firewall vulnerability allows remote code execution

Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution (RCE). Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall. Source: Read More (NCSC-FI daily news followup)

Read More

[SANS ISC] Mitre CWE – Common Weakness Enumeration, (Mon, Jun 21st)

All posts, Sans-ISC

If you are involved in the security industry  you are at least somewhat familiar with the Mitre ATT&CK framework, the very useful, community driven, knowledgebase of attack threat models and methodologies which can be used to emulate adversary behavior to test security controls. However fewer are aware of a lesser known Mitre project, Common Weakness Enumeration […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.