Repojacking is a tactic used by malicious actors to hijack old repository names and add scripts that target dependent applications. This happens when a developer or repository owner changes their username. Malicious actors then target the combination of the old username and repository name. Repojacking is therefore a threat that organizations should start monitoring, whether their developers are in-house or outsourced.

Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses a CRITICAL vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Adobe Acrobat and Reader users to review and implement the updates.

The VMware security team released VMware Tools updates that address a SAML Token Signature Bypass Vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all system administrators who use VMware Tools to review and implement the updates.

Multiple vulnerabilities in J-Web can be combined to allow pre-authentication remote code execution. This is an out-of-cycle security release.