IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)
Security Advisory: VMware ESXi, Workstation and Fusion – Multiple vulnerabilities
Security Advisory: Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
Microsoft Exchange Y2K22 email delivery failure
“The problem relates to a date check failure with the change of the new year and is not a failure of the AV engine itself,” according to the Microsoft Exchange Team.
iManage Security Vulnerability due to third-party Apache component Log4j
If not mitigated, an Apache component called Log4j can be exploited remotely by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.
Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)
The iManage Security team identified a vulnerability affecting on-premises versions of iManage products.
The vulnerability is in the Apache HTTP Server and, if not mitigated, can be exploited under certain conditions.
Alert: VMware vCenter Server Privilege Escalation Vulnerability
VMware has investigated and confirmed possible exploits that a malicious attacker can perform using a “privileged account escalation” method. Learn how to mitigate with the provided remediation tasks.
Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid
Microsoft released patches and fixes during this week’s November Patch Tuesday. The report identified 55 vulnerabilities on Microsoft Windows, including on-premises (locally installed) products such as Microsoft Office (Microsoft Excel), Microsoft Edge browser and – most importantly – Microsoft Exchange.
Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of Service
Nobelium – Targeting CSPs, MSPs, & Other IT Service Providers
You may recall Nobelium from the infamous software supply chain attack on SolarWinds in 2020 that gave bad actors access to various US government computers. Nobelium has been busy replicating its success on new prey: CSPs (Cloud Service Providers), MSPs (Managed Services Providers), and other IT service providers.