by Scott Muniz | Oct 29, 2021 | Security, Technology
This article is contributed. See the original author and article here.
GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information.
CISA encourages users and administrators to update to GoCD 21.3.0 or apply the necessary workarounds.
For more information, see Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD.
by Contributed | Oct 28, 2021 | Technology
This article is contributed. See the original author and article here.
Starting today, the preview of Feedback for Microsoft Teams, a new community feedback experience from Microsoft, is available. Built on Dynamics 365 Customer Service, Feedback continues our dedication to using customer feedback to help with the further development and improvement of Teams. Since 2017, when Teams became the hub for collaboration in Microsoft 365, user submissions have driven the completion of over 500 features and improvements, and we aim to complete thousands more.
The new Feedback portal will allow users to submit their own feedback, browse other publicly submitted ideas, track official Microsoft responses, see our top voted customer ideas, upvote the feedback they agree with, and comment on feedback that matches their own. Top known feedback items remain available in the new portal.
In Feedback, users will also be able to easily track their favorite ideas through the ‘star’ icon and receive notifications when those ideas are responded to by Microsoft.
Explore the new Feedback portal now at https://aka.ms/TeamsFeedback and let us know what you need most from your Teams experience. Learn more about the broad topic of Feedback at Microsoft in our documentation.
by Scott Muniz | Oct 28, 2021 | Security, Technology
This article is contributed. See the original author and article here.
The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement provides recommendations for mitigating lateral movement attempts by threat actors who have gained initial access to cloud infrastructures.
This guidance has been created by the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross Sector Enduring Security Framework Working Group—a public-private working group that provides cybersecurity guidance addressing high-priority cyber threats to the nation’s critical infrastructure.
CISA encourages 5G providers, integrators, and network operators to review the guidance and consider the recommendations.
by Scott Muniz | Oct 28, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisory
CISA encourages users and administrators to review the Cisco advisory and apply the necessary updates.
by Scott Muniz | Oct 28, 2021 | Security, Technology
This article is contributed. See the original author and article here.
The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of the ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition.
CISA encourages users and administrators to review the ISC advisory for CVE-2021-25219 and apply the necessary updates or workaround.
Recent Comments