Author: DEFENDEDGE

  • Juniper Releases Multiple Security Updates for Juno OS

    Juniper has released updates to address multiple vulnerabilities in Juno OS. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portal and apply the necessary updates. Read more

  • CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

    The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.  In June 2023, a Federal Civilian Executive Branch (FCEB)… Read more

  • Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

    SUMMARY In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data. CISA and… Read more

  • Mozilla Releases Security Update for Firefox and Firefox ESR

    Mozilla has released a security update to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Security Advisory MFSA 2023-26 and apply the necessary update. Read more

  • Vulnerability Summary for the Week of July 3, 2023

      High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info sem-cms — semcms File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges. 2023-06-30 9.8 CVE-2020-18432MISCMISC flatnest_project — flatnest All versions of the package flatnest are vulnerable to Prototype Pollution via the… Read more

  • Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities

    Progress Software has released a Service Pack to address three newly disclosed vulnerabilities (CVE-2023-36934, CVE-2023-36932, CVE-2023-36933) in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information.  CISA encourages users to review Progress Software’s MOVEit Transfer article and apply product updates as applicable for security improvements. Read more

  • Increased Truebot Activity Infects U.S. and Canada Based Networks

    SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) are releasing this joint Cybersecurity Advisory (CSA) in response to cyber threat actors leveraging newly identified Truebot malware variants against organizations in the United States… Read more

  • Vulnerability Summary for the Week of June 26, 2023

      High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info apple — mac_os_x A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or… Read more

  • DoS and DDoS Attacks against Multiple Sectors

    CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations in multiple sectors. These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible. If you think you or your business is experiencing a DoS or DDoS attack,… Read more

  • Clop Ransomware Gang: Profiling a Notorious Cybercriminal Organization

    , ,

    In recent years, the Clop ransomware gang has emerged as one of the most prolific and notorious cybercriminal organizations. Employing sophisticated techniques and constantly evolving their strategies, the group has successfully targeted high-profile organizations worldwide. This article aims to provide an informative profile of the Clop ransomware gang, detailing its history, operations, and recent activities.… Read more