Author: DEFENDEDGE

  • Microsoft Exchange Bugs Exploited by ‘Cuba’ Ransomware Gang

    The ransomware gang known as Cuba is increasingly shifting to exploiting Exchange bugs – including crooks’ favorites, ProxyShell and ProxyLogon – as initial infection vectors.

  • Mozilla Releases Security Update for Mozilla VPN

    Original release date: February 25, 2022 Mozilla has released a security update to address a vulnerability in Mozilla VPN. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Foundation Security Advisory 2022-08 and make the necessary update. This product is provided subject to…

  • Zenly Social-Media App Bugs Allow Account Takeover

    A pair of bugs in the Snap-owned tracking app reveal phone numbers and allow account hijacking.

  • Iranian Government-Sponsored MuddyWater Actors Conducting Malicious Cyber Operations

    Original release date: February 24, 2022 CISA, The Federal Bureau of Investigation (FBI), U.S. Cyber Command Cyber National Mission Force (CNMF), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and the National Security Agency (NSA) have issued a joint Cybersecurity Advisory (CSA) detailing malicious cyber operations by Iranian government-sponsored advanced persistent threat (APT) actors known as…

  • AA22-055A : Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

    Original release date: February 24, 2022 Summary Actions to Take Today to Protect Against Malicious Activity * Search for indicators of compromise. * Use antivirus software. * Patch all systems. * Prioritize patching known exploited vulnerabilities. * Train users to recognize and report phishing attempts. * Use multi-factor authentication. Note: this advisory uses the MITRE…

  • The Art of Non-boring Cybersec Training–Podcast

    With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.

  • Samsung Shattered Encryption on 100M Phones

    One cryptography expert said that ‘serious flaws’ in the way Samsung phones encrypt sensitive material, as revealed by academics, are ‘embarrassingly bad.’

  • New Sandworm Malware Cyclops Blink Replaces VPNFilter

    Original release date: February 23, 2022 The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to…

  • AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter

    Original release date: February 23, 2022 Summary The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom’s (UK) National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency (CISA), the National…

  • Vulnerability Summary for the Week of February 14, 2022

    Original release date: February 21, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info accel-ppp — accel-ppp The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to…