Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco Firepower Management Center Vulnerability
Advisory Overview: Security researchers discovered a critical flaw in the web interface of the Cisco Firepower Management Center (FMC). Cisco Firepower Management Center is a platform for managing Cisco network security solutions such as firewalls, application control, intrusion prevention, URL...
Cybersecurity Threat Advisory: RCE in OpenSMTPD library (CVE-2020-7247)
Advisory Overview: There is a critical remote code execution vulnerability in the OpenSMTPD library, impacting BSD and Linux distributions. Exploitation could allow an attacker to execute commands as root. A link to the patch is included in the recommendation section...
Cybersecurity Threat Advisory: Iranian Hacking Campaign Targets European Energy Company
Advisory Overview: Researchers have reported increased cyber activity within the European energy sector by a high-profile hacking group. The increased activity is possibly linked to Iranian state-sponsored attacks. The hackers conducted cyber espionage and gained remote access using the...
Cybersecurity Threat Advisory: Security Vulnerabilities Identified in ConnectWise Control
Advisory Overview: Multiple security vulnerabilities in ConnectWise Control were recently disclosed. Anyone using the MSP-focused software should immediately update to the newest version and be on the lookout for future updates. ConnectWise has responded to the disclosure and issued...
Cybersecurity Threat Advisory: Sodinokibi Ransomware
Advisory Overview: We have previously issued advisories on Sodinokibi Ransomware in Threat Advisory 0034-19 and Threat Advisory 0021-19. The same strain recently hit the Colorado-based MSP Synoptek and the foreign currency exchange Travelex. Sodinokibi has been particularly damaging and...
Cybersecurity Threat Advisory: SIM Swapping Fraud
Advisory Overview: There has been an increase in targeted attacks using SIM swapping as a method to gain access to victims’ private data such as banking information, credit card information, and personally identifiable information. We advise taking extra precautions to secure...
Cybersecurity Threat Advisory: RSA SecurID 2FA Bypass
Advisory Overview: Malicious actors have found a way to bypass 2FA for VPN accounts that were secured with RSA SecurID. RSA considers the scenario to be against recommended deployment practices rather than a security vulnerability. They continued to say that...
Cybersecurity Threat Advisory: Windows 7 End of Life
Advisory Overview: Windows 7 reached end of life on January 14th, 2020. Users who fail to upgrade leave themselves vulnerable to newly discovered malware and remote code execution attacks, as Microsoft will no longer provide security fixes for these...
Cybersecurity Threat Advisory: Windows CryptoAPI Spoofing Vulnerability
Advisory Overview: Multiple versions of Windows are susceptible to a spoofing vulnerability that could allow an attacker to modify TLS-encrypted communications or spoof an Authenticode signature. Microsoft has issued an update to fix the vulnerability, which is available in the...
Cybersecurity Threat Advisory: Rise in Malicious Cyber Activity by Iranian Regime Actors
Advisory Overview: There has been a rise in recent malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies, according to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...