Juniper Networks Releases Security Updates
Juniper Networks has released security updates to address vulnerabilities affecting Junos OS, Paragon Active Assurance (PAA), and Juniper Secure Analytics (JSA) Series. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.
Microsoft libera actualizaciones para vulnerabilidades criticas
Microsoft ha lanzado un nuevo listado de actualizaciones para Windows, lo cual permitirá a la corrección de 98 vulnerabilidades de las cuales 7 se consideran actualmente como críticas. Dichas actualizaciones también incluyen la corrección de una vulnerabilidad ZERO-DAY. Como parte de sus actualizaciones de Abril, Windows ha lanzado nuevas actualizaciones que pretende corregir varias vulnerabilidades […]
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles serves as a cybersecurity roadmap for manufacturers of technology and associated products. With recommendations in this guide, manufacturers are urged to put cybersecurity first, during the design phase of a product’s development lifecycle, to decrease user risk and provide out-of-the-box user protections by default at no extra charge.
This guide represents an international effort to reduce exploitable vulnerabilities in technology used by the government and private sector organizations. The authoring agencies are CISA, Federal Bureau of Investigation, National Security Agency, Australian Cyber Security Centre, Canadian Centre for Cyber Security, New Zealand’s Computer Emergency Response Team, United Kingdom’s National Cyber Security Centre, Germany’s Federal Office for Information Security (BSI), and the Netherlands’ National Cyber Security Centre. The authoring agencies recognize the contributions by many private sector partners in advancing Security-by-Design and -Default.
For more information on the importance of product security, see CISA’s blog article The Cost of Unsafe Technology and What We Can Do About It.
Proliferan ataques de AlphV BlackCat Ransomware en la región
Se ha observado a un nuevo afiliado de ransomware ALPHV (también conocido como BlackCat ransomware), rastreado como UNC4466, dirigirse a instalaciones de Veritas Backup Exec expuestas públicamente y vulnerables a CVE-2021-27876, CVE-2021-27877 y CVE-2021-27878, para obtener acceso inicial a los entornos de las víctimas. Un servicio comercial de escaneo de Internet identificó más de 8.500 […]