Black Arrow Cyber Advisory 30/06/2022 – Patchable vulnerabilities lead cause of Q1 incidents
Read MoreBlack Arrow Cyber Advisory 30/06/2022 – Switch to Exchange Online Modern Auth
Read MoreBlack Arrow Cyber Advisory 30/06/2022 – USB drive spread Raspberry Robin worm actively seen in the wild
Read MoreBlack Arrow Cyber Advisory 17/06/2022 – Citrix ADM
Executive Summary
Citrix Application Delivery and Management (Citrix ADM), is a web-based software application used for managing Citrix deployments for an organisation. Two vulnerabilities have been disclosed by Citrix, one of which could allow for a remote, unauthenticated user to reset the administrator password on the server, granting administrator access after a reboot.
Read MoreBlack Arrow Cyber Advisory 15/06/2022 – Microsoft Patch Tuesday – ‘Follina’ vulnerability addressed with other security updates.
Read MoreBlack Arrow Cyber Advisory – Multiple Zyxel Vulnerabilities identified for Firewalls and Access Points
Executive Summary
Several vulnerabilities have been disclosed within Zyxel products, affecting firewalls, access point controllers and access points produced by the company. Most of these vulnerabilities require a locally authenticated user, and therefore could be used for further attacks if a local user account is compromised.
Read MoreBlack Arrow Cyber Advisory 27/05/2022 – Trend Micro identified a new Ransomware strain specifically targeting VMware servers
Executive Summary
Ransomware specifically designed to target VMware systems has been found to be in use by malicious attackers. VMware systems have been a prime target for attackers, as many different services which organisations rely on run on these systems. By compromising these systems, all of the hosted services can also be impacted.
Read MoreBlack Arrow Cyber Advisory 26/05/2022 – Check the security of IoT Devices, Increase in Linux Botnet Malware.
Executive Summary
Microsoft has detected a significant increase in malware targeted at Linux systems to create botnets which can be used for distributed denial-of-service (DDOS) and other types of attack. Internet-of-Things (IoT) or Smart Devices often use a Linux operating system to run their service. These are often not patched regularly, if at all, making them a target for this type of attack. Cloud service providers also often use Linux based operating systems.
Read MoreBlack Arrow Cyber Advisory 19/05/2022 – VMware provides patches for critical vulnerabilities in multiple product lines. CISA advise to disconnect systems if they cannot be patched.
Read MoreBlack Arrow Cyber Advisory 04/05/2022 – Avaya and Aruba Switch Vulnerability
Read MoreBlack Arrow Cyber Advisory 03/05/2022 – Hacking tool disclosed for Privilege Escalation on Windows
Read MoreBlack Arrow Cyber Advisory 20/04/2022 – Vulnerabilities identified within Lenovo Laptop UFEI BIOS
Read More