Author: DEFENDEDGE
-
Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns
Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving. Read more
-
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities
Original release date: November 17, 2021 CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint Cybersecurity Advisory highlighting ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, and NCSC assess is associated with… Read more
-
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Original release date: November 17, 2021 Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework,… Read more
-
MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption
A politically motivated group is paralyzing Israeli entities with no financial goal — and no intention of handing over decryption keys. Read more
-
New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks
Original release date: November 16, 2021 The White House, via Executive Order (EO) 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures (i.e., playbook) to be used in planning and conducting cybersecurity vulnerability and incident response activity” for federal civilian agency information… Read more
-
High-Severity Intel Processor Bug Exposes Encryption Keys
CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files. Read more
-
Vulnerability Summary for the Week of November 8, 2021
Original release date: November 15, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info airangel — hsmx-app-25_firmware Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution. 2021-11-10 10 CVE-2021-40521 MISC MISC asgaros — asgaros_forum The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user… Read more
-
Top 10 Cybersecurity Best Practices to Combat Ransomware
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile. Read more
-
Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft. Read more
-
Mac Zero Day Targets Apple Devices in Hong Kong
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites. Read more