A weekly recap of pertinent security events you need to be aware of and can read in 7 seconds (or so...)
Using Google Chrome?
Do this: Update your Chrome browser ASAP.
Why: Google has addressed an(other) actively exploited zero-day in their Chrome browser. This is the second time Google has released updates to address publicly-exploited vulnerabilities within the last month.
Additional Info: https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html
Using F5 BIG-IP or BIG-IQ?
Do this: Update your F5 BIG-IP and BIG-IQ to the latest versions.
Why: F5 and the U.S. Cybersecurity and Infrastructure Agency (CISA) are urging organizations to patch four critical remote command execution (RCE) flaws in its BIG-IP and BIG-IQ enterprise networking infrastructure.
Additional Info: https://threatpost.com/f5-cisa-critical-rce-bugs/164679/
About the Author
Ryan Bradbury, CISSP, OSCP
Principal Consultant & Cofounder
As a founding partner and principal consultant at SEVN-X, Ryan employs his training, experience, and expertise in helping organizations assess and protect their information security assets as well as respond to cybersecurity events. Ryan’s skillset has been forged from an extensive amount of field work—across various verticals—serving in both strategic and tactical security roles. SEVN-X requires all of its team members to be experts in information security and that starts from the top down.