Tanzania Computer Emergency Response Team

Cisco Security Update

4th March 2021

Cisco has released security updates to address vulnerabilities to its multiple products. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition. Users and administrators are encouraged to review Cisco Security Advisories cisco-sa-snort-ethernet-dos and cisco-sa-sdw-sqlinj and apply necessary updates.

Accusoft Security Update

4th March 2021

Cisco Talos has released security update to address a vulnerability in Accusoft ImageGear. Exploitation of this vulnerability may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Talos Security Advisory and apply necessary updates.

Juniper Security Update

4th March 2021

Juniper has released security updates to address a vulnerability to its multiple products. Exploitation of this vulnerability may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Juniper Security Advisory and apply necessary updates.

Trend Micro Security Update

4th March 2021

Trend Micro has released security updates to address a vulnerability to its multiple products. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. Users and administrators are encouraged to review Trend Micro Security Bulletin and apply necessary updates.

Microsoft Exchange Server Zero-Day remote code execution vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)

4th March 2021

Advisory No: TZCERT/SA/2021/03/04 Date of First Release: 04th March 2021 Source: Microsoft Software Affected: Microsoft Exchange Server 2013Microsoft Exchange Server 2016Microsoft Exchange Server 2019 Overview: The four Microsoft Exchange vulnerabilities are part of an attack chain that may cause an unauthenticated attacker to execute arbitrary code remotely. These vulnerabilities are Server-Side Request Forgery (SSRF) …

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

Cisco Security Update

Accusoft Security Update

Juniper Security Update

Trend Micro Security Update

Microsoft Exchange Server Zero-Day remote code execution vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)