Security

Please see Security Advisories for the week ending July 3, 2020 Palo Alto Networks Security Updates for PAN-OS Netgear Product Vulnerabilities Microsoft Releases Security Updates for Windows 10, Windows Server Mozilla Releases Security Updates for Firefox and Firefox ESR F5 Security Updates for BIG-IP Cisco Small Business Smart and Managed Switches Session Management Vulnerability Samba Security Updates Released ________________________________ Palo Alto Networks Security Updates for PAN-OS Situation Palo Alto Networks has… Read More

Original blog posted by DataEndure CTO/CISO, Shahin Pirooz on linkedin.com. DataEndure has traditionally highlighted a security “trifecta” of DNS security, endpoint security, and our SOC-as-a-Service as a way for organizations to fortify their security posture, there has been a fourth category that has jettisoned itself onto the stage, earning a fourth designation. COVID-19 and the rapid movement of employees to remote locations has introduced an expanded threat surface and new… Read More

Please see Security Advisories for the week ending June 26, 2020 Apache Releases Security Advisory for Apache Tomcat Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software VMware Security Updates for Multiple Products Security Updates for Chrome (83.0.4103.116) Adobe Magento Security Updates Available ________________________________ Apache Releases Security Advisory for Apache Tomcat Situation Apache has released an advisory to address a vulnerability in Apache Tomcat where an attacker could exploit… Read More

Please see Security Advisories for the week ending June 19, 2020 Critical ‘Ripple20’ Vulnerabilities Affecting Millions of Internet Connected Devices Microsoft Releases Security Updates for Windows Cisco WebEx Meetings, Cisco TelePresence and Cisco RV Series Routers Security Updates CERT NZ Releases Advisory on Ransomware Campaign Drupal Releases Security Updates Adobe Releases Security Updates for Multiple Products Google Chrome Security Updates for Desktop Browsers ________________________________ Critical ‘Ripple20’ Vulnerabilities Affecting Millions of Internet… Read More

Please see Security Advisories for the week ending June 12, 2020 WordPress Security Update IC3 Releases Alert on Mobile Banking Apps VMware Horizon Client for Windows Security Update Adobe Security Updates for Flash Player, Experience Manager, and FrameMaker Microsoft June 2020 Security Updates CallStranger Vulnerability in Universal Plug and Play Protocol ________________________________ WordPress Security Update Situation The WordPress Foundation has discovered and patched several security vulnerabilities in WordPress. Problem The WordPress Foundation… Read More

Please see Security Advisories for the week ending June 5, 2020 MacOS Catalina & Mojave & High Sierra Security Updates Hurricane Related Scams Apple Security Update for Mac, iOS, iPadOS, watchOS, tvOS Cisco Security Updates for NX-OS Software Mozilla Releases Security Updates for Firefox and Firefox ESR Google Releases Security Updates for Chrome Cisco IOx and IOS XE Software Security Updates ________________________________ MacOS Catalina, Mojave and High Sierra Security Updates Situation Apple has… Read More

Most ransomware impacts customers via a shotgun approach to penetration. In other words, it casts out a wide net, and whomever it happens to catch in that net it attempts to infiltrate and then compromise their vulnerabilities to implement its particular flavor of ransomware. The intent? Encrypting the customer’s environment and holding the encryption keys hostage until the “ransom” is paid by the company to release those keys. This model says that… Read More

Please see Security Advisories for the week ending May 15, 2020 New Variant of Dark Crystal RAT Discovered Microsoft Releases May 2020 Security Updates Increase in North Korean Malicious Cyber Activity Adobe Releases Security Updates for Adobe DNG Software Development Kit, Acrobat, and Reader Vulnerabilities Discovered in VMware vRealize Operations Manager (vROps) ________________________________ New Variant of Dark Crystal RAT Discovered Situation FireEye has discovered a new variant of Dark Crystal RAT (DCRat)… Read More

Security Advisory:  NSA, ASD Release Information for Mitigating Web Shell Malware Situation The NSA (U.S National Security Agency) and ASD (Australian Signals Directorate) have released a Cyber Security information sheet to help detect and mitigate web shell malware attacks. Cybercriminals are increasingly using web shell malware on webservers to access and compromise networks and their data. Problem There is a large increase in Web shell malware attacks on web servers… Read More

Cisco Security seeing Uptick in WebEx Phishing Situation Cisco Security is seeing a uptick in reported phishing emails requesting users to update their Cisco WebEx client immediately to secure a vulnerability. Problem Cyber threat actors are using new and targeted attempts, even obfuscating their intent with reporting real vulnerabilities in their phishing emails, attempting to steal user credentials by making them believe they are vulnerable and need to login to… Read More