Malware

26 Oct

Samba Releases Security Updates 

Attacks, Insights, Malware

Original release date: October 26, 2022 The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds.  •    CVE-2022-3437   •    CVE-2022-3592 This product is provided subject to this Notification and this Privacy & Use policy.

Read More
26 Oct

Microsoft Event Log vulnerabilities threaten some Windows operating systems

Data Breaches, Malware, Social Engineering

A pair of newly discovered vulnerabilities have highlighted the ongoing risks posed by Internet Explorer’s (IE) deep integration into the Windows ecosystem, despite Microsoft ending support for IE in June 2022. Discovered by the Varonis Threat Labs team, the exploits affect an IE-specific Event Log that is present on all current Windows operating systems up to, but not including, Windows 11. The vulnerabilities, dubbed LogCrusher and OverLog by the researchers, have been reported to Microsoft,…

Read More
25 Oct

LogCrusher and OverLog Vulnerabilities Impacting Windows Event Log Disclosed

Attacks, Malware

Since both vulnerabilities were addressed in this month’s Patch Tuesday, companies should look to patching all their Windows devices as soon as their patch management procedure allows. Additionally, it can be a good idea to implement file system and service monitoring on workstations and servers. Tools such as osquery can do this; in general, such tools can empower Administrators to more effectively understand the activity occurring on the systems for which they are responsible. https://thehackernews.com/2022/10/researchers-detail-windows-event-log.html

Read More
25 Oct

Cryptomining Campaign Abuses Free DevOps solutions

Attacks, Malware

While this campaign targets free services, Binary Defense researchers have observed an uptick in the number of compromises of cloud services like AWS or Azure to mine cryptocurrency. These attacks are effectively theft and can leave organizations with a large bill.For example, a developer in Seattle incurred a bill for over $53,000 which was normally a $100-$150 per month. In another case, a California College student was sent a bill for $55,000.It is highly recommended…

Read More
25 Oct

Google Chrome Announces End of Support for Windows 7 and 8.1

Attacks, Malware

Ensuring that systems are up to date and stay up to date is a key component of staying protected from cyber threats. When notices such as end of support are released, it is important that anyone running affected systems ensure that they are aware of the timeframe they face and begin the proper steps in upgrading affected systems to newer versions. Anyone that keeps running outdated and unsupported versions maintains a higher risk for becoming…

Read More
25 Oct

CISA Has Added One Known Exploited Vulnerability to Catalog    

Attacks, Insights, Malware

Original release date: October 25, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.       Binding Operational Directive…

Read More
25 Oct

CISA Releases Eight Industrial Control Systems Advisories

Attacks, Insights, Malware

Original release date: October 25, 2022 CISA has released eight (8) Industrial Control Systems (ICS) advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: •    ICSMA-22-298-01 AliveCor KardiaMobile •    ICSA-22-298-01 Haas Controller •    ICSA-22-298-02 HEIDENHAIN Controller TNC •    ICSA-22-298-03 Siemens Siveillance Video Mobile Server •    ICSA-22-298-04 Hitachi Energy…

Read More
25 Oct

CISA Upgrades to Version 2.0 of Traffic Light Protocol in One Week – Join Us!

Attacks, Insights, Malware

Original release date: October 25, 2022 On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates: TLP:CLEAR replaces TLP:WHITE for publicly releasable information. TLP:AMBER+STRICT supplements TLP:AMBER, clarifying when information  may be shared with the recipient’s organization only. CISA…

Read More
25 Oct

Akamai to boost network-layer DDoS protection with new scrubbing centers

Data Breaches, Malware, Social Engineering

Content delivery network (CDN) provider Akamai said Tuesday that its Prolexic DDoS protection service will become able to handle DDoS attacks of up to 20Tbps, thanks to a new wave of construction of so-called scrubbing centers. The company’s announcement said that this will effectively double its current capacity to handle network-level DDoS attacks, with rollouts planned for “all major regions,” which includes US East and West, Canada, Italy, Spain, Switzerland, India, Japan, Hong Kong and…

Read More
25 Oct

8 hallmarks of a proactive security strategy

Data Breaches, Malware, Social Engineering

CISOs have long been tasked with building response and recovery capabilities, the objective being to have teams that can react to a security incident as quickly as possible and can restore business functions with as little damage as possible. The need for those activities is certainly not going to go away, but many security chiefs are seeking to take more proactive steps to balance out reactive ones. “On the proactive side, you’re trying to predict…

Read More