7x Second Security [23-January-2023]
Using Microsoft Azure Services?
Do this: Validate all input, ensure the environment is securely configured, and make sure all the servers are configured to only allow necessary traffic.
Why: Azure recently released information addressing 4 vulnerabilities that could be exploited to gain unauthorized access to cloud resources.
Additional Info: https://thehackernews.com/2023/01/microsoft-azure-services-flaws-couldve.html
Using Zoho ManageEngine?
Do this: Patch immediately.
Why: Zoho ManageEngine is urging users to patch their instances of a critical-severity vulnerability ahead of the release of a proof-of-concept (PoC). This critical-severity vulnerability could be exploited leading to remote code execution.
Additional Info: https://thehackernews.com/2023/01/zoho-manageengine-poc-exploit-to-be.html
Using OpenText’s Enterprise Content Management (ECM) Product?
Do this: Patch immediately.
Why: OpenText recently released patches addressing several critical-severity vulnerabilities that could be exploited to obtain remote code execution.
Additional Info: https://www.securityweek.com/critical-vulnerabilities-patched-opentext-enterprise-content-management-system?&web_view=true
