#Log4Shell has no easy fix or check, make sure you've taking a software inventory to identify hosts, checking vendor advisories daily (and for new ones), and patching immediately.
Vuln scanning should be a part of your plan, but not THE plan.
#btbalert
CISA makes a strong statement which aligns with the recommendations we’ve issued clients. If you have a WAF, yes there’s a nice capability - but patch whenever possible. #btbalert
https://t.co/wohxiwb3sQ
Popular Java library "log4shell" contains a now patched critical vulnerability, trivial RCE. MANY pieces of software use it.
The nature of updating libraries makes this tricky and less obvious for vulnerable software. Check vendors, patch ASAP. #btbalert https://t.co/31llhOGCMI
FBI... email server... compromised... well, not really, but it sure did look that way for a moment. TL:DR many organizations receiving SPAM messages from a valid FBI domain. See Krebs for full background (https://t.co/OmoDpxx9yx)
We've seen BTB clients get hit, lookout #btbalert
Path Traversal and Remote Code Execution in vulnerable versions of Apache are actively being scanned for. Updates from Apache should be applied as soon as possible.
Read More: https://t.co/XgWu2RoTlQ
#btbalert
VMware has announced various critical and important vulnerabilities in VMware vCenter Servers, one of which allows for code execution via uploaded files. Information, as well as updates and workarounds, can be seen here.
https://t.co/XOTcsAAa2I
#btbalert
One more reason not to open random email attachments! Microsoft announced CVE-2021-40444 which allows for remote code execution via ActiveX controls placed in specially-crafted Microsoft Office documents.
Read More: https://t.co/KKEpQufliZ
#btbalert
When USCYBERCOM issues an alert, it's one to pay attention to.
Original vuln write-up - https://t.co/TIv5D5OAZK
Vendor advisory (that will surely be changing) - https://t.co/2PXFXSObFN
Patch this, now, pretty please.
#btbalert
F5 released an August security advisory that includes a high-risk CVE-2021-23031 affecting BIG-IP Advanced WAF and ASM products. Check if your infrastructure is affected, more details can be found at: https://t.co/h0jTAfykV0
#btbalert
Not a good month for Microsoft, trending towards worst ever? Latest is broken ACLs on sensitive SYSTEM files introduced in Win10 Build 1809. No patch yet, workarounds not pretty but worth considering. Cool name too #hivenightmare
https://t.co/yCccvTJP4D
#btbalert
For those following CVE-2021-1675, aka "PrintNightmare", some additional guidance from CISA... still silence from MS.
Random - I'm not sure my feels on the naming of vulns, I can't hate it, but I don't love it.
https://t.co/RW20QYZcDY
#btbalert
I feel like we were just here the other day... critical vulnerabilities, in Exchange, that you need to patch right now. Oh wait, we WERE just dealing with this.
Go forth and patch. Quickly. Please
https://t.co/TDI0DSwnAT
#btbalert
There's widespread reporting of the recent MS Exchange vulnerabilities being actively exploited in the wild. If you haven't yet, get those patches applied. While Exchange Online isn't impacted, plenty of orgs are still vulnerable.
https://t.co/xmqqwjwfKM
#btbalert#msexchange
@btb_alerts
Do you have VMWare? You should read this and patch vulnerable things... it's a quick way for bad people to do bad things in your nice network.
https://t.co/ndQoWfcWVN
#btbalert
Sudo "make me a sandwich" - now possible for all unprivileged users.
If you haven't seen it, serious vulnerability in 'sudo', going back 10 years. Patch/update now.
#baronsamedit#btbalert
https://t.co/jpEQDJTmcx
https://t.co/tdx0xQMVC0