Author: DEFENDEDGE

  • Kaseya VSA Supply-Chain Ransomware Attack

    DEFENDEDGE

    Original release date: July 2, 2021 CISA is taking action to understand and address the recent supply-chain ransomware attack against Kaseya VSA and the multiple managed service providers (MSPs) that employ VSA software. CISA encourages organizations to review the Kaseya advisory and immediately follow their guidance to shutdown VSA servers.  This product is provided subject… Read more

  • SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers

    DEFENDEDGE

    In another sign of the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away. The threat actor behind the malicious activity used password spraying and brute-force attacks to guess passwords and gain access to its customer account.  The recent activity was mostly unsuccessful and the majority… Read more

  • CISA Offers New Mitigation for PrintNightmare Bug

    DEFENDEDGE

    CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment. Read more

  • Widespread Brute-Force Attacks Tied to Russia’s APT28

    DEFENDEDGE

    The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military. Read more

  • Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

    DEFENDEDGE

    Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry. Read more

  • NSA-CISA-NCSC-FBI Joint Cybersecurity Advisory on Russian GRU Brute Force Campaign

    DEFENDEDGE

    Original release date: July 1, 2021 The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have released Joint Cybersecurity Advisory (CSA): Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. The CSA provides details on the… Read more

  • Incident Response Plan

    DEFENDEDGE

    Due to the ever-changing threat that cybersecurity poses, any organization is at risk of being a victim of a cyber-attack. This means a company risks their reputation, revenue, and their client’s trust if they do not have the proper security measures in place to prevent their data from being compromised.   An Incident Response Plan (IRP) is a set of tools and… Read more

  • Netgear Authentication Bypass Allows Router Takeover

    DEFENDEDGE

    Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Read more

  • Indexsinas SMB Worm Campaign Infests Whole Enterprises

    DEFENDEDGE

    The self-propagating malware’s attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines. Read more

  • PrintNightmare, Critical Windows Print Spooler Vulnerability

    DEFENDEDGE

    Original release date: June 30, 2021 The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has released an update for CVE-2021-1675, it is important to realize that this update does not address the public exploits that also identify as… Read more