Attacks

Synology urges all VPN Plus Server for SRM (Synology Router Manager) users patch as soon as possible to the latest version. Users can apply updates by: 1. Logging into Synology Desktop environment2. Opening the Package Center app3. Click Update on the left panel to see available updates. Click the Update buttons or Update All to update packages. https://www.bleepingcomputer.com/news/security/synology-fixes-maximum-severity-vulnerability-in-vpn-routers/ https://nvd.nist.gov/vuln/detail/CVE-2022-43931 https://www.synology.com/en-us/security/advisory/Synology_SA_22_26 https://kb.synology.com/en-nz/SRM/help/SRM/PkgManApp/manage?version=1_2

Read More

As long as the interest and shortages continue, cybercriminals will continue to attempt to impersonate Flipper Zero through fake shops to trick security enthusiasts into giving up their personal information and crypto. Due to this, it is vital to be on the lookout for these promotions and shops claiming immediate product availability and only buy from the official store. https://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/

Read More

Threat actors with access to stolen, sensitive data have many options to utilize this data in a malicious manner. In this case, the threat group decided to use confidential data as lures in phishing emails to carry out a second attack against victims. Whenever a company is alerted to a breach and makes it public, all customers who believe they may have had data compromised should remain vigilant to the use of this data in…

Read More

WordPress is a very common website platform because it is free and easy to use, but this also makes it a more desirable target for threat actors. Keeping a WordPress site up to date is crucial. Fortunately, WordPress does have an automatic update feature which Binary Defense strongly recommends that users enable. Because many plug-ins are community created and distributed, often times critical updates can be slow to release, if an update comes at all.…

Read More

Users of the above Netgear devices should update their firmware as soon as possible. Netgear support documentation provides update instructions for affected users: 1. Visit NETGEAR Support: https://www.netgear.com/support/2. Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.3. If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for…

Read More

It is highly recommended to patch any Citrix devices in an organization’s environment as soon as possible if they are vulnerable to either of these vulnerabilities. Since at least one of them is known to have threat actors actively exploiting it, the sooner the devices can be patched, the less chance that a threat actor will be able to compromise it and spread throughout an organization. It is recommended that organizations update their Citrix applications…

Read More

To protect against ransomware attacks, organizations should: · Regularly back up data, air gap backups, and password-protect backup copies offline. · Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides. · Implement network segmentation. · Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location · Install updates/patches operating systems, software,…

Read More

Companies with well-known brand names should continuously monitor domain name registrations to identify potential typo-squatting attacks impersonating their brand name. The Uniform Domain-Name Dispute Resolution Policy can be used by companies to reclaim brand-infringing domains. If the infringing domain is being used to deliver malware, most domain registrars will honor a request for an immediate take-down of the offending domain. Binary Defense Counterintelligence services include monitoring of typo-squatting domain names and review of impersonating websites.…

Read More