Author: DEFENDEDGE

  • Oracle Releases October 2021 Critical Patch Update

    Original release date: October 19, 2021 Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the Oracle October 2021 Critical Patch Update and apply the… Read more

  • Time to Build Accountability Back into Cybersecurity

    Chris Hass, director of information security and research at Automox, discusses how to assign security responsibility, punishment for poor cyber-hygiene and IDing ‘security champions’ to help small businesses. Read more

  • Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

    Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass. Read more

  • Twitter Suspends Accounts Used to Snare Security Researchers

    The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. Read more

  • CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Blackmatter Ransomware

    Original release date: October 18, 2021 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released joint Cybersecurity Advisory (CSA): BlackMatter Ransomware. Since July 2021, malicious cyber actors have used BlackMatter ransomware to target multiple U.S. critical infrastructure entities, including a U.S. Food and Agriculture Sector organization. Using an analyzed… Read more

  • AA21-291A: BlackMatter Ransomware

    Original release date: October 18, 2021 Summary Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®)… Read more

  • Vulnerability Summary for the Week of October 11, 2021

    Original release date: October 18, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info ardour — ardour Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext. 2021-10-08 7.5 CVE-2020-22617 MISC MISC digi — realport An issue was discovered in Digi RealPort for… Read more

  • TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

    The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. Read more

  • Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

    Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees. Read more

  • Cybersecurity Protects What’s Most Important (and it’s not Your Money)

    Today, nearly every business operates in some form on the internet. With that understanding, every business is at risk of being targeted and victimized by sophisticated cyber-attacks. Common victims include vital information, secured systems/networks, and the integrity of said companies. However, there’s another affected party that may not be addressed enough; our children. Securing your business infrastructure from cybercriminals protects our… Read more