Cisco has released security updates to fix multiple vulnerabilities affecting certain Cisco Small Business Series Switches. Out of the 9 vulnerabilities mentioned in the official advisory, 4 of them are classified as Critical with a CVSS score of 9.8 (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, and CVE-2023-20189). The described vulnerabilities have a proof-of-concept accessible, however, the Cisco PSIRT continue reading : Multiple Vulnerabilities Affecting Cisco Small Business Series Switches

Microsoft has released its May 2023 Patch Tuesday security updates to fix multiple vulnerabilities across its products, including two reported vulnerabilities (CVE-2023-24932 and CVE-2023-29336) that are currently being exploited in the wild.  Based on the official release notes from Microsoft, there are a total of 49 vulnerabilities. Of these vulnerabilities, six are classified as critical, continue reading : Microsoft Releases May 2023 Patch Tuesday Security Updates

Trend Micro security researchers has uncovered improved tactics, techniques, and procedures (TTPs) on a new campaign attributed to an APT Group known as Earth Longhzi. The threat group’s effort is directed at organizations with locations in Taiwan, Thailand, the Philippines, and Fiji, according to the official report.  Upon monitoring of the CERT-PH, It was discovered continue reading : Malicious Campaign Attributed to Earth Longzhi Targets Organizations Based In Taiwan, Thailand, the Philippines, and Fiji

_____________________________ A. List of Vulnerabilities Microsoft OneDrive CVE-2023-24930 Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability Elevation of Privilege Important Microsoft OneDrive CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability Information Disclosure Important Microsoft Dynamics CVE-2023-24922 Microsoft Dynamics 365 Information Disclosure Vulnerability Information Disclosure Important Microsoft Dynamics CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability continue reading : Microsoft Releases March 2023 Patch Tuesday Security Updates

_____________________________ A. Background SSL certificates are used to establish a secure and encrypted connection between a user’s browser and their website or portal. This encryption helps to protect sensitive information, such as personal data and financial information, from being intercepted and accessed by unauthorized third parties.  However, SSL certificates have an expiration date, and if continue reading : Updating of SSL Certificates for Government Websites