Category: alerts
Category Added in a WPeMatico Campaign
-
CISA Offers New Mitigation for PrintNightmare Bug
CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment. Read more
-
Widespread Brute-Force Attacks Tied to Russia’s APT28
The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military. Read more
-
Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks
Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry. Read more
-
NSA-CISA-NCSC-FBI Joint Cybersecurity Advisory on Russian GRU Brute Force Campaign
Original release date: July 1, 2021 The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have released Joint Cybersecurity Advisory (CSA): Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. The CSA provides details on the… Read more
-
Netgear Authentication Bypass Allows Router Takeover
Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Read more
-
Indexsinas SMB Worm Campaign Infests Whole Enterprises
The self-propagating malware’s attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines. Read more
-
PrintNightmare, Critical Windows Print Spooler Vulnerability
Original release date: June 30, 2021 The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has released an update for CVE-2021-1675, it is important to realize that this update does not address the public exploits that also identify as… Read more
-
CISA’s CSET Tool Sets Sights on Ransomware Threat
Original release date: June 30, 2021 CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control… Read more
-
Why MTTR is Bad for SecOps
Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior. Read more
-
Zero-Day Used to Wipe My Book Live Devices
Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability. Read more