Category: Security
Cybersecurity Threat Advisory: Zerologon Attack Targeting Windows Servers
Advisory Overview A critical vulnerability has been discovered which affects potentially all Windows domain controllers and can allow an unauthenticated attacker on the network to take control of an Active Directory domain controller at will. This can allow the attacker...
Hackers join the back to school rush
Around the world, workers are dealing with the new reality of having their offices at home. But professionals aren’t the only ones needing to adapt to being at home for the long haul; students are too. And MSPs and IT...
Cybersecurity Threat Advisory: Microsoft’s Patch Critical RCE Flaws
Advisory Overview Several Remote Code Execution (RCE) security flaws were announced in Microsoft’s patch Tuesday; 129 security bugs to be exact. As remote work increases, the need for RCE security increases and at an overwhelming rate. A strong mitigation tactic...
Cybersecurity Threat Advisory: Palo Alto Buffer Overflow Vulnerability (CVE-2020-2040)
Advisory Overview Palo Alto has released a patch for a buffer overflow remote code execution (RCE) vulnerability for their PAN-OS 8.1, 9.0, and 9.1 versions. The vulnerability can allow threat actors to bypass Multi-Factor Authentication (MFA) and execute potentially malicious...
Cybersecurity Threat Advisory: (DVMRP) Vulnerability Found in Cisco IOS XR
Advisory Overview A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. A successful exploit by such an attacker could...
Fake news needs real tools
As a journalist, I’m often at the forefront of covering major news stories, whether it be a court case or a tornado. The proliferation of “fake news” however, has become a significant issue to the reporting profession. Not only has...
Cybersecurity Threat Advisory WordPress File Manager Plugin Vulnerability
Advisory Overview A vulnerability has been discovered in a the popular “File Manager” plugin for the content management system WordPress that can allow an unauthenticated remote attacker to create/move a potentially malicious file on a vulnerable host. This can allow...
Tech Time Warp: Quite the Hotmail hack, eh?
You might not want to admit it, but you may still have a Hotmail account kicking around. Once your premier account—perhaps an upgrade from AOL—it may now be your throwaway address. Once, though, Hotmail was hip—and quite a target for...
Malware targeted Windows users in Q1 2020
A new security report released by AV-Test showed some startling, but not surprising, malware statistics. The key takeaway from the study: Computers that run Windows are most prone to attacks by hackers. The AV-Test report discovered that 114 million new pieces of...
Cybersecurity Threat Advisory: Major Vishing Campaign
Advisory Overview The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently issued a warning about the growing threat of “vishing” attacks against companies. Vishing (voice phishing) is a social engineering method that uses...
