Thursday, October 1, 2020

October is National Cybersecurity Awareness Month

Original release date: October 1, 2020. October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance—to ensure every American...

CISA and MS-ISAC Release Ransomware Guide

Original release date: September 30, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Ransomware Guide that details practices that organizations should continuously engage in to help manage...

CISA Releases Telework Essentials Toolkit

Original release date: September 30, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each...

Vulnerability Summary for the Week of September 21, 2020

Original release date: September 28, 2020. High Vulnerabilities. Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info. aveva -- edna_enterprise_data_historian | An SQL injection vulnerability exists in the Alias.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Parameter AliasName in Alias.asmx is vulnerable to unauthenticated...

Cisco Releases Security Updates for Multiple Products

Original release date: September 25, 2020. Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

Apple Releases Security Updates

Original release date: September 25, 2020. Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...

Federal Agency Compromised by Malicious Cyber Actor

Original release date: September 24, 2020. CISA became aware—via EINSTEIN, CISA’s intrusion detection system that monitors federal civilian networks—of a potential compromise of a federal agency’s network. In coordination with the affected agency, CISA conducted an incident response engagement, confirming...

Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472

Original release date: September 24, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory...

Mozilla Releases Security Updates for Firefox and Firefox ESR

Original release date: September 22, 2020. Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA)...

LokiBot Malware

Original release date: September 22, 2020. This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security...

Google Releases Security Updates for Chrome

Original release date: September 22, 2020. Google has updated the stable channel for Chrome to 85.0.4183.121 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure...

Samba Releases Security Update for CVE-2020-1472

Original release date: September 21, 2020. The Samba Team has released a security update to address a critical vulnerability—CVE-2020-1472—in multiple versions of Samba. This vulnerability could allow a remote attacker to take control of an affected system. The Cybersecurity and Infrastructure...

Vulnerability Summary for the Week of September 14, 2020

Original release date: September 21, 2020. High Vulnerabilities. Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info. apache -- struts | Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 2020-09-14 | 7.5 | CVE-2019-0230 MISC. dlink --...

CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol

Original release date: September 18, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability—CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could...

CERT/CC Releases Information on Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol

Original release date: September 17, 2020. The CERT Coordination Center (CERT/CC) has released information on CVE-2020-1472, a vulnerability affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker could exploit this vulnerability to obtain Active Directory domain administrator access. Although Microsoft...

Drupal Releases Security Updates

Original release date: September 17, 2020. Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or leverage the way HTML is rendered. The...

Apple Releases Security Updates

Original release date: September 17, 2020. Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...

Adobe Releases Security Update for Media Encoder

Original release date: September 16, 2020. Adobe has released a security update to address vulnerabilities in Media Encoder. An attacker could exploit these vulnerabilities to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review...

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020. This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security...

#DTXNOW: Time to Remove Security from IT

Speaking on a session titled “Is top level security possible on a shoestring budget?” as part of Digital Transformation Expo, security specialists were asked by moderator Jeremy White what their top tips were...
SecurityWeek

HP Offering Big Rewards for Cartridge Vulnerabilities

HP announced on Thursday that it has expanded its bug bounty program, inviting several white hat hackers to find vulnerabilities in its office-class ink and toner cartridges.
SC Magazine

Phishing pages leverage CAPTCHAs to fool users, evade detection

Cyberattackers targeting the hospitality industry were recently observed using a phishing page that featured CAPTCHA technology as a way to elude detection, as well as to give potential victims a false sense of security that the malicious site was...

#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams

IT and security teams must learn how to navigate uncertain environments in order to build lasting resilience, according to Jordan Schroeder, deputy MD & managing CISO at Hefestis, speaking...

InterPlanetary Storm: Cross-platform P2P botnet infects computers and IoT devices

IoT botnets have come a long way since Mirai showed its devastating potential in 2016 with distributed denial-of-service attacks that exceeded in strength anything seen before then. Myriad malware programs now infect poorly secured or vulnerable routers, IP cameras,...