Tanzania Computer Emergency Response Team

TZCERT-SU-24-0115 (Ubuntu Security Update)

1st February 2024

Ubuntu has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected systems. Users and administrators are encouraged to review Ubuntu Security Advisories USN-6619-1, USN-6591-2, USN-6609-2, USN-6618-1, USN-6587-3, USN-6617-1, USN-6615-1, USN-6616-1, USN-6614-1 and USN-6605-2 and apply necessary updates.

TZCERT-SU-24-0114 (NodeJS Security Update)

1st February 2024

NodeJS has released security updates to address vulnerabilities in Node.js. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review NodeJS Security Advisory and apply necessary updates.

TZCERT-SU-24-0113 (WordPress Security Update)

1st February 2024

Wordfence has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories Admin_PHP, website-builder, contact-form-entries, instant-images, wp-gdpr-compliance, advanced-iframe and nex-forms and apply necessary updates.

TZCERT-SU-24-0112 (Chrome Security Update)

1st February 2024

Google has released security updates to address vulnerabilities in Chrome for Desktop, iOS android and ChromeOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Security Advisories chrome-for-desktop, chrome-for-ios, chrome-for-android and update-for-chromeos and apply necessary updates.

TZCERT-SU-24-0111 (Cisco Security Update)

1st February 2024

Cisco has released security updates to address vulnerabilities in Cisco Unified CM and Cisco Unity Connection. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Cisco Security Advisories cisco-sa-cucm-rce and cisco-sa-cuc-unauth and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0115 (Ubuntu Security Update)

TZCERT-SU-24-0114 (NodeJS Security Update)

TZCERT-SU-24-0113 (WordPress Security Update)

TZCERT-SU-24-0112 (Chrome Security Update)

TZCERT-SU-24-0111 (Cisco Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)