Author: DEFENDEDGE

  • Understanding 2FA vs MFA: A Layered Approach to Cybersecurity

    Understanding 2FA vs MFA: A Layered Approach to Cybersecurity

    In today’s digital landscape, ensuring robust security measures is paramount. With the ever-increasing sophistication of cyber threats, businesses and individuals alike must adopt rigorous authentication protocols. Two primary methods that stand out are Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA). While they are often used interchangeably, understanding their nuances is crucial for implementing the most… Read more

  • Vulnerability Summary for the Week of July 22, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 202ecommerce–paypal  In the module “PayPal Official” for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during… Read more

  • North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

    Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju: U.S. Cyber National Mission Force (CNMF) U.S. Cybersecurity and Infrastructure Security Agency… Read more

  • ISC Releases Security Advisories for BIND 9

    The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.  CISA encourages users and administrators to review the following advisories and apply the necessary updates:  CVE-2024-4076: Assertion failure… Read more

  • Vulnerability Summary for the Week of July 15, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info 1Panel-dev–1Panel  1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability. 2024-07-18 10… Read more

  • Widespread IT Outage Due to CrowdStrike Update

    Note: CISA will update this Alert with more information as it becomes available. As of 1130am EDT July 19, 2024:  CISA is aware of the widespread outage affecting Microsoft Windows hosts due to an issue with a recent CrowdStrike update and is working closely with Crowdstrike and federal, state, local, tribal and territorial (SLTT) partners,… Read more

  • Ivanti Releases Security Updates for Endpoint Manager

    Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary updates: Security Advisory EPM… Read more

  • Eldorado: The Golden City of Ransomware-as-a-Service (RaaS) 

    Eldorado: The Golden City of Ransomware-as-a-Service (RaaS) 

    In today’s rapidly evolving technological landscape, new cybercriminal threats are emerging alongside innovations. A ransomware group named Eldorado recently surfaced and, within a few months, successfully breached 16 companies worldwide, including in the United States. This malware poses a threat to both Windows and Linux systems, demonstrating that anyone can be a victim. Eldorado is… Read more

  • Vulnerability Summary for the Week of July 8, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info Adobe–Bridge  Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim… Read more

  • AT&T Discloses Breach of Customer Data

    On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages customers to review the following AT&T article for additional information and follow necessary guidance to help protect personal information.    AT&T: Unlawful access of customer data Read more