

This week on Risk Radar, Smarttech247 CTO Robert Kehoe covers three security issues CISOs, IT leaders and security teams should have on their radar.
First, a recently disclosed vulnerability in Cisco Unified Communications Manager is being actively exploited. The vulnerability allows unauthenticated attackers to write files, gain root access, exfiltrate data and bypass security controls. Organisations using Cisco Unified CM or Unified CM SME should apply the latest Cisco patches.
Robert also covers the reported ShinyHunters attack against Oracle PeopleSoft. More than 100 organisations have now been affected, following a pattern seen in previous third-party SaaS breaches involving Canvas and Salesforce Salesloft Drift. Security teams should review PeopleSoft and PeopleTools deployments, especially versions 8.61 and 8.62, and audit any internet-facing endpoints.
Finally, Robert looks at new post-quantum cryptography requirements in the US, and why CISOs should start assessing long-lived data that might be harvested today and decrypted in the future.Watch the full update for Robert’s key takeaways.