The Nagios team released patches that address four security vulnerabilities affecting Nagios XI network monitoring software. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Sys and network admins to review and implement the appropriate patches.
The Gitlab team released security patches that address a critical flaw that allows an attacker to run pipelines as another user. This affects GitLab versions 16.3.4 and 16.2.7.
Windows PowerShell is a task-based command-line shell or user interface that allows for task automation to manage operating systems and processes. This tool is increasingly used by malicious actors to gain control of systems once they infiltrate an organization’s network.
Globally, October is annually recognized as the cybersecurity awareness month. This is cognizant of the continuous need to keep end users updated with the latest knowledge and tips to remain safe online. Effective cybersecurity is a dynamic area that requires both human based and technology interventions! We encourage every organization to participate in this awareness drive by designing and executing creative cybersecurity awareness messages to users and clients. Like the old saying goes, cybersecurity is everyone’s responsibility.
The most popular smart phone operating systems are iOS, Android and HarmonyOS. Users can access their preferred apps through the official secure app stores such as Apple’s App Store, Google Play or Huawei AppGallery. Baseline security checks are carried out to ensure that the apps allowed into these stores are secure. However, there are instances when users may wish to download apps outside their official app store. These unofficial app stores are commonly referred to as third-party app stores. These are the common risks of using such third-party app stores
Password spraying is a tactic used by malicious actors to attempt gain unauthorized access to an account by systematic password guessing against multiple usernames. Several security updates show that this is a commonly used malicious tactic. This therefore requires system administrators to implement appropriate mitigation measures to reduces this happening in IT environments. The Uganda National CERT and Coordination Center recommends the following top tips: