![]() ![]() ![]() At this time we know that ~10% of Mimecast customers were impacted and Mimecast has already reached out to them directly. We are actively monitoring the situation and will notify our customers of any known impact to their e-mail. January 13, 2021: Mimecast Security Alert Source: Eze Castle IntegrationĮze Castle Integration has been made aware of a breach in the Mimecast platform as part of the SolarWinds fallout. This bug allows a remote attacker to cause arbitrary code execution.įollowing this latest Apple release ECI recommends that you update your corporate and personal Apple iOS devices to iOS 14.4 version as soon as possible. One of the known vulnerabilities is a "WebKit" bug which is known to be actively exploited. The security content of iOS 14.4 is described in this document here. Please note that Apple has released a new iOS 14.4 update which in addition to the features listed here also includes fixes for a number of known vulnerabilities. January 28, 2021: Apple iOS Alert Source: Eze Castle Integration ![]() You can get the latest updates from Kaseya following the link: Please be advised that we have been made aware of a potential attack against Kaseya (IT management software provider used by several MSPs), specifically affecting their on premise VSA solution. July 2021: Kaseya VSA Potential Attack Source: Eze Castle Integration ECI recommends immediately updating your Apple products to address this vulnerability. This allows for access to the target device, including personal data, photos, messages and location.Īpple has released emergency patches to address the zero-day flaw. On September 13, 2021, it was announced that A zero-click, zero-day exploit named ‘ForceEntry” has been discovered in Apple products (iPhone, iPad, Mac, and Apple Watch) which takes advantage of a flaw in iMessage that allow the push of the Pegasus spyware to devices. September 2021: Apple’s Emergency Patch for 'ForcedEntry' (iMessage Flaw, CVE-2021-30860) Source: Eze Castle Integration In addition to the alerts below, ECI utilizes a mass notification platform to communicate with clients regularly.ĭecember 2021: Log4j Zero-Day Vulnerability Source: Eze Castle IntegrationĪ critical vulnerability has been discovered in Apache Log4j 2, an open-source Java package used to enable logging in many popular applications, and it can be exploited to enable remote code execution on countless servers.įor more information concerning Log4j Zero-Day Vulnerability, please see details published here: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |