Author: DEFENDEDGE
-
Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. Read more
-
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
Original release date: May 11, 2022 Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security… Read more
-
U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors
Original release date: May 10, 2022 CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial… Read more
-
Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines
Original release date: May 9, 2022 | Last revised: May 10, 2022 Microsoft has released a security advisory to address a remote code execution vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Microsoft… Read more
-
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released. Read more
-
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem. Read more
-
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Original release date: May 5, 2022 Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 and apply the necessary updates. For updates addressing lower severity vulnerabilities, see… Read more
-
Podcasts
Defending the Edge A Cyber Security Podcast Defending the Edge is a weekly cyber security podcast bringing you the updates that matter most to you in the cyber security domain. Join host Calvin Bryant and the Defend Edge team as they keep you informed on current cyber threats, hostile actors, and solutions, interview experts in… Read more
-
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10. Read more
-
F5 Releases Security Advisories Addressing Multiple Vulnerabilities
Original release date: May 4, 2022 F5 has released security advisories on vulnerabilities affecting multiple products, including various versions of BIG-IP. Included in the release is an advisory for CVE-2022-1388, which allows undisclosed requests to bypass the iControl REST authentication in BIG-IP. An attacker could exploit CVE-2022-1388 to take control of an affected system. CISA… Read more