Summary: As identified by Jisc, one of our trusted support partners a 0-day Remote Code Execution (RCE) vulnerability in Spring Core, a popular Java framework for building Java applications, has been identified. The RCE vulnerability… More »
What is a Cyber Attack? A Cyber Attack is any attempt to expose, alter, destroy, steal or gain unauthorised access to make unauthorised use of an asset. The incidents can be financially driven, taking advantage… More »
Summary: On February 1, 2022, proof-of-concept exploit code was published for a critical Samba remote code execution vulnerability (CVE-2021-44142). Samba is used for file and print services in Windows, macOS, and Linux operating systems. It… More »
Summary: On January 25, 2022, Qualys disclosed a PwnKit privilege escalation vulnerability (CVE-2021-4034) that affects the pkexec program installed by default on all major Linux distributions. Pkexec is a component of Polkit (formerly PolicyKit), which… More »
As previously shared as part of ESS’s separation from Capita, ESS (Education Software Solutions) will be migrating all of their customers out of the Capita support tool and into the ESS support tool from 24… More »
Summary: On January 11, 2022, Microsoft released patches for critical and important remote code execution (RCE) vulnerabilities that could be appealing to threat actors. There are no reports of active exploitation as of this publication,… More »
As part of ongoing performance improvements, we will be replacing some key equipment within the NetSweeper Web filtering infrastructure. In order to achieve this customers will see a period of outage while the change over… More »
Updated 12th Jan 2022 We would like to confirm some changes taking place with ESS and their support arrangements ESS will be making upcoming change to the system used to provide customer support, the go… More »
Following on from the Log4j advisories sent 13/12 and 15/12, Apache has released version 2.17.0 of Log4j after discovering issues with their previous release, 2.16. Summary: Apache Log4j2 versions 2.0-alpha1 through 2.16.0 did not protect from… More »