Enterprise Security
17 posts
Security issues affecting enterprise software, IT systems, identity, observability, and business infrastructure.
iDirect Satellite Terminal Flaws Put Link Management on the Patch List
CISA says ST Engineering iDirect iQ-Series satellite terminals running software 4.5.2.1 or earlier expose sensitive device identifiers and can be forced into reboots through weak API controls. Operators should treat the July 2 advisory as both a patch event and a management-plane exposure audit.
Adobe ColdFusion Patch Puts Legacy Web Servers on a Fast Triage Clock
Adobe's June 30 security updates fix six maximum-severity ColdFusion flaws and a CVSS 10.0 Adobe Campaign Classic issue. Early probing against one ColdFusion path-traversal bug means admins should pair updates with exposure checks, upload-setting review, and log triage.
Cisco’s Twice-Monthly Patch Cadence Starts With Catalyst Center and ClamAV Fixes
Cisco’s first July security-advisory drop under its new twice-monthly cadence includes a Catalyst Center arbitrary-file-read flaw and seven ClamAV vulnerabilities affecting Cisco Secure Endpoint. The change gives network and security teams more predictability, but it also means Cisco infrastructure patch planning needs to become a standing operating rhythm, not a quarterly scramble.
SharePoint RCE Gives Admins a July 4 Patch Deadline
CISA has added Microsoft SharePoint Server CVE-2026-45659 to its exploited-vulnerabilities catalog, giving federal agencies until July 4 to apply mitigations and run forensic triage. The flaw was patched in May, but active exploitation means on-prem SharePoint teams should verify builds, review exposure, and check for compromise now.
BlueHammer Ransomware Flag Puts Microsoft Defender Patching Back on the Clock
CISA has updated the Microsoft Defender BlueHammer flaw, CVE-2026-33825, to mark it as used in ransomware campaigns. The flaw was patched in April, but the new flag gives Windows teams a fresh reason to verify Defender updates, endpoint telemetry, and local privilege escalation controls.
SimpleHelp Exploit Turns Remote Support Into a Credential Theft Pipeline
Attackers are exploiting CVE-2026-48558 in SimpleHelp to turn remote support access into a malware delivery path. Teams should patch, hunt for forged technician sessions, and rotate credentials exposed on managed endpoints.
AI Pentesting Is Finding Bugs Faster Than Teams Fix Them
Cobalt’s latest AI pentesting research shows security teams are testing AI apps more often, but serious LLM vulnerabilities still have the lowest fix rate of any category. The useful lesson is not to abandon automation, but to connect AI security tests to ownership, triage, and retesting.
Oracle E-Business Suite Exploit Puts Payments Systems on Patch Watch
Attackers are exploiting CVE-2026-46817, a critical Oracle E-Business Suite flaw affecting Oracle Payments, while Shadowserver is tracking roughly 950 internet-facing EBS instances associated with exposure. Teams should verify May 2026 patches, review iPayment endpoint access, and check logs for suspicious file-transmission activity.
Klue Breach Shows How SaaS OAuth Tokens Became a Salesforce Risk
Klue’s June security incident let attackers use a legacy integration credential to obtain OAuth tokens and pull Salesforce CRM data from connected customer environments. The breach is a practical warning for teams that treat SaaS integrations as trusted background plumbing instead of monitored, scoped access paths.
Cisco ISE Flaws Put Network Access Control on a Patch Clock
Cisco patched two Identity Services Engine flaws that can expose hashed credentials and let an authenticated attacker run commands on the underlying operating system. The urgency is highest for teams running ISE 3.4, ISE 3.5, or ISE-PIC, especially because one Cisco ISE 3.5 fix is not due in the normal patch stream until August.