Important Software Updates and Security Vulnerabilities

Phishing e-mail that hides malicious links from Outlook users
Jan found a phishing email that hides the malicious link from Outlook users. The email uses specific HTML comment clauses Outlook interprets to render or not render specific parts of the email s HTML code. Jan suggests that the phishing email is intented to not expose users of
https://isc.sans.edu/diary/Phishing%20e-mail%20that%20hides%20malicious%20link%20from%20Outlook%20users/32010
Amazon changing default logging from blocking to non-blocking
Amazon will change the default logging mode from blocking to non-blocking. Non-blocking logging will not stop the application if logging fails, but may result in a loss of logs.
https://aws.amazon.com/blogs/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/
Cisco Removes Backdoor
Cisco fixed a Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7
Infoblox Vulnerability Details disclosed
Details regarding several vulnerabilities recently patched in Infoblox s NetMRI have been made public. In particular an unauthenticated remote code execution issue should be considered critical.
https://rhinosecuritylabs.com/research/infoblox-multiple-cves/