UCSF IT Technology

Suse released multiple security updates in November for various Suse products.For a complete description of the vulnerabilities and affected systems go to Suse Nov 2024 Archives by date. IT SecurityRead more about IT Security service offerings.

Ubuntu released multiple security updates in November for various Ubuntu products.For a complete description of the vulnerabilities and affected systems go to Ubuntu November 2024 Archives by date.IT SecurityRead more about IT Security service offerings.

Red Hat released multiple security updates in June for various Red Hat products.For a complete description of the vulnerabilities and affected systems go to Red Hat Security Advisories.IT SecurityRead more about IT Security service offerings.

QNAP released a security update to address Critical and other vulnerabilities in QNAP Notes Station 3. If exploited, the vulnerabilities could allow an attacker to take over the system.For a complete description of the vulnerabilities and affected systems go to Multiple vulnerabilities have been reported to affect Notes Station 3:.IT Security Read more about IT Security service offerings.

VMware has released security updates to address High vulnerabilities affecting the VMware Aria Operations. Malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.For a complete description of the vulnerabilities and affected systems go to VMSA-2024-0022: VMware Aria Operations updates address multiple vulnerabilities(CVE-2024-38830, CVE-2024-38831, CVE-2024-38832, CVE-2024-38833, CVE-2024-38834).

Numerous phishing attacks leveraging variations on winter and end-of-year seasonal themes.These lures, by and large, focus on financial or retail themes.Common elements include alleged holiday gifts from organizational management, Black Friday or winter holiday sales deals, shipping or package lures, and changes in end-of-year benefits.These lures have targeted recipients globally.

Karl Storz released a security notice to address a Critical vulnerability in Karl Storz WB300 AIDA and WD310 AIDA C. A cyber threat actor could exploit this vulnerability to perform remote code execution.For a complete description of the vulnerabilities and affected systems go to CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerability.