CyberSecure Specialist

How to update your Windows driver blocklist to keep malicious drivers away

For many years, attackers have used and abused various ways to get on our systems. From phishing to tricking us to click on websites, if an attacker can get their code on our systems they are no longer our systems. Attackers will even invest the time, energy, and expense to get their malicious drivers approved and co-designed through the Windows Hardware Compatibility Program in order to gain access to our machines. Ensuring that these malicious…

Read More

VMware Releases Patch for Remote Code Execution Bug In Cloud Foundation

As always, it is highly recommended to patch any appliances using vulnerable versions of software and to implement a plan for regular updates.In the event that applying the official patch is not immediately feasible, VMware has also released a temporary workaround: https://kb.vmware.com/s/article/89809 https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-cloud-foundation-remote-code-execution-bug/

Read More

Cisco Warns Admins to Patch AnyConnect Flaw Exploited in Attacks

The U.S. cybersecurity agency also strongly urged all organizations worldwide to prioritize patching these security bugs, even though BOD 22-01 only applies to U.S. FCEB agencies. Organizations are recommended to create a patch management policy to verify that all current systems are kept up to date. https://www.bleepingcomputer.com/news/security/cisco-warns-admins-to-patch-anyconnect-flaw-exploited-in-attacks/

Read More

Unknown Actor Deploying RomCom RAT to Target Ukrainian Military

Researchers at BlackBerry noted, “this campaign is a good example of the blurred line between cybercrime-motivated threat actors and targeted attack threat actors” and it highlights the difficulty of attribution in many campaigns. In the past, the activities of the two groups of threat actors had been largely independent, with targeted attack threat actors relying on custom tooling while cybercrime-motivated threat actors would typically rely on traditional tooling. However, as time goes on and traditional…

Read More

Apple Releases Security Updates for Multiple Products 

Original release date: October 26, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.    CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:  •    Safari 16.1  •    iOS 16.1 and iPadOS 16  •    macOS Big Sur 11.7.1  •    macOS Monterey 12.6.1…

Read More

VMware Patches Critical Vulnerability in End-of-Life Product

VMware this week announced patches for a critical remote code execution vulnerability in VMware Cloud Foundation and NSX Data Center for vSphere (NSX-V). Tracked as CVE-2021-39144 (CVSS score of 9.8), the security defect exists in XStream, an open source library to serialize objects to XML and back. The bug impacts all XStream iterations until and including version 1.4.17. Only out-of-the-box versions are affected, but not those where XStream’s security framework was set up with a…

Read More

Samba Releases Security Updates 

Original release date: October 26, 2022 The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds.  •    CVE-2022-3437   •    CVE-2022-3592 This product is provided subject to this Notification and this Privacy & Use policy.

Read More

Microsoft Event Log vulnerabilities threaten some Windows operating systems

A pair of newly discovered vulnerabilities have highlighted the ongoing risks posed by Internet Explorer’s (IE) deep integration into the Windows ecosystem, despite Microsoft ending support for IE in June 2022. Discovered by the Varonis Threat Labs team, the exploits affect an IE-specific Event Log that is present on all current Windows operating systems up to, but not including, Windows 11. The vulnerabilities, dubbed LogCrusher and OverLog by the researchers, have been reported to Microsoft,…

Read More

What happens with a hacked Instagram account – and how to recover it

Had your Instagram account stolen? Don’t panic – here’s how to get your account back and how to avoid getting hacked (again) A friend – let’s call her Ellie – recently called me with a devastated tone in her voice. Her Instagram account had been hacked and she was locked out. Her panic was evident as she told me her password had been changed and that the hackers had added two-factor authentication (2FA) to the…

Read More

Protecting teens from sextortion: What parents should know

Online predators increasingly trick or coerce youth into sharing explicit videos and photos of themselves before threatening to post the content online The digital world has provided countless opportunities for youngsters that their parents never experienced. It helped kids stay in touch with each other during the dark days of pandemic-era lockdowns. And now that the world is opening up again, the allure of the digital world remains undimmed. But the online world also exposes…

Read More