The Asia Pacific Computer Emergency Response Team (APCERT) today has successfully completed its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) from the Asia-Pacific economies. TechCERT was appointed as the head of cyber security drill organizing committee which was tasked with scenario development, drill preparation, drill artifact development and coordinating the drill. Further, TechCERT spearheaded the EXCON (Exercise Control Center) role in the APCERT drill which managed the operation of the entire drill.

VMware has released security updates to address Cross-Site Scripting (XSS) vulnerabilities in multiple products. VMware states that the exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. The products that have been updated include VMware vRealize Automation and vRealize Business Advanced and Enterprise. Users and administrators are advised to update their installations of these products as early as possible.

OpenSSH has released a security update to address a vulnerability in its previous versions. OpenSSH states that exploitation of this vulnerability may allow a remote attacker to obtain sensitive information. It is recommended that users and administrators update to the newest version with immediate effect.

Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Citrix states that the exploitation of this vulnerability may allow a remote, unauthenticated attacker to take control of an affected server. Users and administrators are therefore encouraged to apply the necessary updates as early as possible.

Adobe Inc. has released new versions of the Flash Player plugin for Windows, Macintosh, ChromeOS, Android, iOS, and Linux-based operating systems in order to address several security vulnerabilities. Adobe states that the exploitation of some of the vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are advised to update Flash Player with immediate effect.

The Internet Systems Consortium (ISC) has released security updates to address three vulnerabilities in BIND, the web’s most widely used Domain Name System (DNS). Exploitation of these vulnerabilities may allow a remote attacker to cause a denial of service condition. All three of these vulnerabilities have been classed as high severity and should therefore be addressed as early as possible.

Cisco has released security updates to address vulnerabilities in several of its products. Cisco states that the exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device. The products included in this update are Wireless Residential Gateway, Wireless Residential Gateway with EDVA, ASA Content Security and Control Security Services Module, and Cable Modem with Digital Voice. Users and administrators are advised to apply the updates available with immediate effect.

Apple has released a security update for Apple Software Update for Windows 7 and later. Apple states that this update addresses a vulnerability that may allow a remote attacker to take control of an affected system. Users and administrators are advised to update their installations of Apple Software Update to the newest available version with immediate effect.

The Mozilla Foundation has released a security advisory detailing security updates to Firefox and Firefox Extended Service Release (ESR) that addresses vulnerabilities that affect these browser implementations. Mozilla states that the exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are advised to update their versions of Firefox and Firefox ESR to the latest available version with immediate effect.

Google Inc. has released a security update for its popular Google Chrome web browser. This update addresses multiple vulnerabilities in the previous versions of Google Chrome for Windows, Mac, and Linux. Google states that the exploitation of some of these vulnerabilities may lead to a remote attacker taking control of an affected system. Users and administrators are advised to apply the necessary updates with immediate effect.

footerimage

Member of

logo apcertfirst logo-2

Collaborated with

apwg2ICTA logo2ack cymru

Our Partners
lanka-certify-logoDark-Lab-Logo2contact