Cybersecurity Threat Advisory: Cisco Flaw Leaves Networks Wide Open
What is the threat? Security researchers identified a critical and unpatched vulnerability (CVE-2018-15439) in the widely deployed Cisco Small Business Switch Software that could allow a remote attacker to bypass security restrictions and gain full admin access. The default configuration...
Cybersecurity Threat Advisory: Global DNS Hijacking Campaign
What is the threat? Organized cyber attackers have hijacked many Domain Name Servers (DNS) and manipulated them in ways which allow them to redirect traffic to/from a victim network and harvest usernames, passwords, and domain credentials for organizations which they...
Cybersecurity Threat Advisory: Linux Systemd Exploit
What is the threat? A core component in Linux that manages system processes known as “systemd” could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. These vulnerabilities reside in the “systemd-journald” service that...
Cybersecurity Threat Advisory: Zero Day in Windows Kernel Transaction Manager
What is the threat? A new, zero-day exploit was discovered targeting several victims in the Middle East and Asia. The vulnerability affects Microsoft Windows and Microsoft server. The Microsoft Windows Kernel Transaction Manager(KTM)is vulnerable to a race condition because it...
Cybersecurity Threat Advisory: Advanced Persistent Threat Activity exploiting MSPs
What is the Issue? The National Cybersecurity and Communications integration center identified ongoing APT (advanced persistent threat) attempting to infiltrate networks of managed service providers (MSPs). APT actors are leveraging legitimate credentials to exploit trusted network relationships and allowing these...
The best defense against ransomware
Ransomware has been striking businesses of all sizes, including municipalities, impacting their infrastructures. In the past three months, cybercriminals have successfully attacked six major cities. In each case, the attack brought great inconvenience to the victims. The city of Baltimore...
Cybersecurity Threat Advisory: HIDDEN COBRA – FASTCash Campaign
What is the Issue? The FBI – in partnership with U.S. government partners, DHS, and Treasury – identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme –...
Cybersecurity Threat Advisory: Access-Token-Harvesting Attack Affects Facebook
What is the Issue? Many applications typically require an email verification step to authenticate identity before logging the user in. If a person signs up for any app using Facebook Login, an account is created for them, and the authentication...
Cybersecurity Threat Advisory: Newegg Data Breach Left Customer Credit Cards Exposed
What is the Issue? The online retailer Newegg confirmed on Wednesday that credit card information from customers had been stolen using a sophisticated attack. Hackers injected 15 lines of card skimming code on the online retailer’s payments page; the code...
Cybersecurity Threat Advisory: Data Theft Risks from “Cold Boot Attack” Variation
What is the Issue? Researchers have discovered that a new exploit built on the foundations of the cold boot attack leaves nearly all laptops and desktops; both Windows and Mac users vulnerable. Attackers can meddle with a computer’s firmware to...
