Protect Your Code Repo

Repojacking is a tactic used by malicious actors to hijack old repository names and add scripts that target dependent applications. This happens when a developer or repository owner changes their username. Malicious actors target the combination of the old username and repository name. Repojacking is therefore a threat that organizations should start monitoring, whether their developers are in-house or outsourced.

Prevent Password Spraying Attacks

Password spraying is a tactic used by malicious actors to attempt to gain unauthorized access to an account by systematic password guessing against multiple usernames. Several security updates show that this is a commonly used malicious tactic. System administrators therefore need to implement appropriate mitigation measures to reduce the likelihood of this happening in IT environments. The Uganda National CERT and Coordination Center recommends the following top tips:

Kubernetes Security Advisory

Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code ex

VMware Security Advisory

The VMware security team released VMware Tools updates that address a SAML Token Signature Bypass Vulnerability.

Adobe Security Advisory

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS.

Juniper Security Advisory

Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution.

Palo Alto Security Advisory

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplifie