Please see Security Advisories for the week ending January 28, 2022
- McAfee Releases Security Update for McAfee Agent for Windows
- FBI Releases PIN on Iranian Cyber Group Emennet Pasargad
- CISA Publishes Infographic on Network Security Through Segmentation
McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166.
Vulnerabilities were found in McAfee Agent that allowed a local user to perform command injection and privilege escalation.
A local attacker can take over the affected system.
Update the McAfee Agent to the latest version as soon as possible.
For a more technical overview:
The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against the group’s malicious cyber activities.
FBI information indicates Emennet poses a broader cybersecurity threat outside of information operations. Since 2018, Emennet has conducted traditional cyber exploitation activity targeting several sectors, including news, shipping, travel (hotels and airlines), oil and petrochemical, financial, and telecommunications, in the United States, Europe, and the Middle East.
Failure to heed the guidelines in the advisory could leave one vulnerable to these exploits.
CISA encourages users and administrators to review FBI PIN: Context and Recommendations to Protect Against Malicious Activity by Iranian Cyber Group Emennet Pasargad and apply the recommended mitigations.
For a brief overview:
CISA has published an infographic that discusses the importance of implementing network segmentation.
Network segmentation is a physical or virtual architectural approach that divides a network into multiple segments, with each acting as its own subnetwork. This provides additional security and control that can help prevent or minimize the impact of a cyber attack.
Networks that are not segmented can allow an attacker to more easily traverse and affect other systems on your network.
CISA strongly encourages network architects, defenders, and administrators to review the infographic and implement its recommendations where possible.