Author: ContentCreator
-
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Original release date: November 17, 2021. Summary: Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity: • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework,…
-
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities
Original release date: November 17, 2021. CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint Cybersecurity Advisory highlighting ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with…
-
MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption
A politically motivated group is paralyzing Israeli entities with no financial goal — and no intention of handing over decryption keys.
-
New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks
Original release date: November 16, 2021. The White House, via Executive Order (EO) 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures (i.e., playbook) to be used in planning and conducting cybersecurity vulnerability and incident response activity” for federal civilian agency information…
-
High-Severity Intel Processor Bug Exposes Encryption Keys
CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files.
-
Vulnerability Summary for the Week of November 8, 2021
Original release date: November 15, 2021. High Vulnerabilities. Primary Vendor — Product; Description; Published; CVSS Score; Source & Patch Info. airangel — hsmx-app-25_firmware: Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution. 2021-11-10; 10; CVE-2021-40521 MISC MISC. asgaros — asgaros_forum: The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user…
-
Top 10 Cybersecurity Best Practices to Combat Ransomware
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.
-
Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
-
Mac Zero Day Targets Apple Devices in Hong Kong
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.
-
An American company announced that the Russian Foreign Intelligence Service (SVR) launched a campaign targeting resellers and other technology service providers that customize, deploy and manage cloud services.
The Russia-based agency behind last year’s massive SolarWinds cyberattack has tried to hack another 140 tech companies, its latest intrusion into US cyber infrastructure. Microsoft says that Nobelium’s latest hack targeted ‘resellers and other technology service providers that customize, deploy and manage cloud services.’ Fourteen firms successfully had their defenses breached, although they haven’t been…