Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: CDPwn Vulnerabilities Impact Cisco Devices
Advisory Overview Five vulnerabilities affecting the Cisco Discovery Protocol were discovered in Cisco devices. The vulnerabilities are grouped under the name CDPwn and were reported by the cybersecurity firm Armis. Using this exploit, hackers could take control over Cisco routers,...
Cybersecurity Threat Advisory: Jenkins UDP DDoS Attack (CVE 2020-2100)
Advisory Overview Jenkins is an open source automation server used to build, test and deploy software projects. Attackers are rendering two services that are enabled by default in Jenkins (UDP multicast/broadcast and DNS multicast) unusable with Distributed Denial of Service...
Cybersecurity Threat Advisory: Cisco Firepower Management Center Vulnerability
Advisory Overview Security researchers discovered a critical flaw in the web interface of the Cisco Firepower Management Center (FMC). Cisco Firepower Management Center is a platform for managing Cisco network security solutions such as firewalls, application control, intrusion prevention, URL...
Cybersecurity Threat Advisory: RCE in OpenSMTPD library (CVE-2020-7247)
Advisory Overview There is a critical remote code execution vulnerability in the OpenSMTPD library, impacting BSD and Linux distros. Exploitation could allow an attacker to execute commands as root. A link to the patch is included in the recommendation section...
Cybersecurity Threat Advisory: Iranian Hacking Campaign Targets European Energy Company
Advisory Overview Researchers have reported increased cyber activity within the European energy sector by a high-profile hacking group. The increased activity is possibly linked to Iranian state-sponsored attacks. The hackers conducted cyber espionage and gained remote access using the...
Cybersecurity Threat Advisory: Security Vulnerabilities Identified in ConnectWise Control
Advisory Overview Multiple security vulnerabilities in ConnectWise Control were recently disclosed. Anyone using the MSP-focused software should immediately update to the newest version and be on the lookout for future updates. ConnectWise has responded to the disclosure and issued...
Cybersecurity Threat Advisory: Sodinokibi Ransomware
Advisory Overview We have previously issued advisories on Sodinokibi Ransomware in Threat Advisory 0034-19 and Threat Advisory 0021-19. The same strain recently hit the Colorado-based MSP Synoptek and the foreign currency exchange Travelex. Sodinokibi has been particularly damaging and...
Cybersecurity Threat Advisory: SIM Swapping Fraud
Advisory Overview There has been an increase in targeted attacks using SIM swapping as a method to gain access to victims' private data such as banking information, credit card information, and personally identifiable information. We advise taking extra precautions to secure...
Cybersecurity Threat Advisory: RSA SecurID 2FA Bypass
Advisory Overview Malicious actors have found a way to bypass 2FA for VPN accounts that were secured with RSA SecurID. RSA considers the scenario to be against recommended deployment practices rather than a security vulnerability. They continued to say that...
Cybersecurity Threat Advisory: Windows 7 End of Life
Advisory Overview Windows 7 reached end of life on January 14th, 2020. Users who fail to upgrade leave themselves vulnerable to newly discovered malware and remote code execution attacks as Microsoft will no longer provide security fixes for these...

