Author: DEFENDEDGE

  • CISA Incident Response to SUPERNOVA Malware

    Original release date: April 22, 2021. CISA has released AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response to provide analysis of a compromise in an organization’s enterprise network by an advanced persistent threat actor. This report provides tactics, techniques, and procedures CISA observed during the incident response engagement. CISA encourages organizations to review AR21-112A for… Read more

  • Cyber Security Best Practices

    Many organizations struggle to keep their IT infrastructure secure and organized. One simple security measure that we at DefendEdge strongly recommend to all our clients is to implement cyber security “best practices”; these are industry-standard measures that make your environment much harder to compromise by any potential bad actor. These best… Read more

  • 4 Innovative Ways Cyberattackers Hunt for Security Bugs

    David “moose” Wolpoff, co-founder and CTO at Randori, talks lesser-known hacking paths, including unresolved “fixme” flags in developer support groups. Read more

  • SonicWall Releases Patches for Email Security Products

    Original release date: April 21, 2021. CISA is aware of three vulnerabilities affecting SonicWall Email Security products: CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023. A remote attacker could exploit these vulnerabilities to take control of an affected system. According to SonicWall, “In at least one known case, these vulnerabilities have been observed to be exploited ‘in the wild.’”… Read more

  • Pulse Secure Critical Zero-Day Security Bug Under Active Exploit

    CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. Read more

  • Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock

    The Mozilla Foundation releases Firefox 88, fixing 13 bugs ranging from high to low severity. Read more

  • CISA Issues Emergency Directive on Pulse Connect Secure

    Original release date: April 20, 2021. CISA has issued Emergency Directive (ED) 21-03, as well as Alert AA21-110A, to address the exploitation of vulnerabilities affecting Pulse Connect Secure (PCS) software. An attacker could exploit these vulnerabilities to gain persistent system access and take control of the enterprise network operating the vulnerable PCS device. These vulnerabilities… Read more

  • AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021. Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021,… Read more

  • CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021. CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations. In response, CISA has released Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to offer technical details regarding this activity. Ivanti has provided a mitigation and… Read more

  • AA-21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021. Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021, CISA… Read more