Security

Situation Cisco has released a patch to update Aironet Access Point software for their wireless controllers and access points. This is to prevent a vulnerability that allows for insufficient access control for certain URLs on an affected device. This could result in denial of service, remote reset of end devices, modification of the SSID wireless ID information, and view sensitive information on the network. Problem Unpatched Cisco Aironet controllers and… Read More

Each October, the US Department of Homeland Security observes National Cybersecurity Awareness Month, “a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online.” In today’s information era, data security is everyone’s responsibility. Whether you’re a small company delivering professional services to a local clientele, or an enterprise… Read More

Situation Three critical Remote Code Execution vulnerabilities (CVE-2019-2184, CVE-2019-2185, CVE-2019-2186), were found in the Android Media Framework. Problem These vulnerabilities affect a large number of Android models and versions, specifically ones with a Qualcomm chip. Models include LG, Samsung, Google, Huawei, and Xiaomi. Versions include 7.1.1, 7.1.2, 8.0, 8.1, and 9. Implication  Remote attackers could use a specially crafted file to execute code, which could lead to attacker installing malicious apps… Read More

Situation Microsoft has issued an out-of-band security patch to address critical vulnerabilities in Internet Explorer and Microsoft Defender. Problem The security patch addresses two vulnerabilities: 1. An Internet Explorer remote code execution vulnerability exists in the way that the scripting engine handles objects in memory. 2. A Microsoft Defender denial of service vulnerability caused by improperly handling files. The vulnerabilities affect Windows 10, 8.1, 7, Windows Server 2019, 2016, 2012, 2012 R2, 2008,… Read More

Situation A vulnerability (CVE-2019-10197) was found in Samba versions 4.9.0 through 4.10.7 that could allow for unintended access, addition, and/or modification to files over the network. Problem The vulnerability is a flaw with Samba SMB server which does not properly prevent clients from escaping outside the share root directory. Implication An attacker could use this vulnerability to gain access to files outside of the Samba share which could lead to… Read More

Situation Critical vulnerabilities have been found in Cisco’s Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. Problem Four critical vulnerabilities have been found impacting UCS Director, and UCS Director Express for Big Data. Three of the vulnerabilities impact IMC Supervisor. The vulnerabilities and what devices they impact: Two authentication bypass vulnerabilities affecting IMC Supervisor, UCS Director, and UCS Director Express for… Read More

Last month, we looked back at Fortune’s Brainstorm Tech 2019 in Aspen, Colorado. During a lunchtime cybersecurity roundtable, the featured speakers were asked a two-part question: What’s the biggest challenge the world faces with respect to cybersecurity today? And what is the solution?  We posed the first question to Shahin Pirooz, CTO and CISO at DataEndure in our previous post. This month we will look at the solution. For decades,… Read More

Fortune’s Brainstorm Tech 2019 was held recently in Aspen, Colorado. During a lunchtime cybersecurity roundtable, the session’s featured speakers were asked a two-part question: What’s the biggest challenge the world faces with respect to cybersecurity today? And what is the solution? We posed the same two questions to Shahin Pirooz, CTO and CISO at DataEndure.  With over two decades leading technology teams and having been deeply immersed in the evolution… Read More

Ransomware eCh0raix Targeting NAS Machines Situation A new ransomware called eCh0raix is targeting NAS (network attached storage) machines produced by the vendor QNAP Systems. The eCh0raix ransomware uses brute-force attacks to infect QNAP NAS systems. Problem The eCh0raix ransomware is specifically targeting unpatched QNAP NAP systems. If eCh0raix successfully infects a system, it can decrypt files stored on QNAP NAS systems. eCh0raix will then deliver the ransomware by maliciously encrypting… Read More

Situation A critical vulnerability was found on Linux Exim mail transport agent (MTA) versions 4.87 to 4.91. Problem The vulnerability found on Exim, allows for improper validation of the recipient address, which may lead to remote command execution. Implication Successful exploitation of this vulnerability can allow an attacker to perform command executions as root. The attacker can then install programs; view, change, or delete data; or create new accounts with… Read More