Overview With most employers shifting to a work from home (WFH) model attackers are chomping at the bit to exploit the introduction of video-teleconferencing (VTC) into your environment. VTC programs such as Zoom, GoToMeeting, or Microsoft Teams are not anything new and neither are their exploitation but with much of the workforce becoming dependent on… Continue reading Hackers Exploiting the Introduction of Video-Teleconferencing into Your Environment
Category: Cyber Heads-up
New Phishing Attack Tells Recipient They May Have Contracted COVID-19
Overview As the world continues to face the COVID-19 pandemic, attackers are preying on our fears more than ever. There is no depth to which cybercriminals will not sink, even in the case of a worldwide crisis. It’s unfortunate, but some people just want to watch the world burn. For instance… A recent phishing campaign… Continue reading New Phishing Attack Tells Recipient They May Have Contracted COVID-19
Cisco Smart Install Feature Still Poses Significant Security Vulnerability
Overview Assura does a significant amount of penetration tests for our clients and we like to communicate the trends that we see as we do these. During the last three, we’ve seen a recurring severe configuration vulnerability using the Smart Install feature of devices running Cisco’s IOS and IOS XE operating systems pop up and felt the… Continue reading Cisco Smart Install Feature Still Poses Significant Security Vulnerability
PATCH NOW: Two Severe Vulnerabilities in Microsoft’s First “Patch Tuesday” of 2020
Overview If you haven’t already heard about these in the press, we’re here to tell you about them. On Tuesday of this week (14 January 2020), the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released advisory number AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems. CryptoAPI spoofing vulnerability – CVE-2020-0601: This vulnerability affects… Continue reading PATCH NOW: Two Severe Vulnerabilities in Microsoft’s First “Patch Tuesday” of 2020
Today is the Day that Windows 7 and Server 2008/r2 Security Updates End
Overview If you’re in IT (and haven’t been living under a rock), you know that today is the day that Microsoft officially ends extended support for Windows 7, Windows Server 2008, and Windows Server 2008R2. We went through this back in April of 2014 and July of 2015 when the same thing happened with Windows… Continue reading Today is the Day that Windows 7 and Server 2008/r2 Security Updates End
Iranian Espionage/Cyber Warfare Threat Briefing
Overview Our friends and partners at Dark Web intelligence firm IntSights have an excellent (and relatively short) threat briefing about Iranian cyber threat actors and the tactics they use for cyber espionage and warfare. The briefing includes recommendations for mitigation of these threats. The briefing can be downloaded at https://wow.intsights.com/rs/071-ZWD-900/images/Threat%20Brief_Iran.pdf A list of Indicators of Compromise (IOCs)… Continue reading Iranian Espionage/Cyber Warfare Threat Briefing
DHS Releases Alert for Potential Iranian Cyber Attacks in Response to U.S. Military Strike in Baghdad
Overview On Monday, January 6, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released Alert AA20-006A, warning about potential cyberattacks on U.S. companies by the nation of Iran. The alert includes an overview of the threat profile of Iranian state-sponsored offensive cyber activities, tactics used by Iranian Advanced Persistent Threats… Continue reading DHS Releases Alert for Potential Iranian Cyber Attacks in Response to U.S. Military Strike in Baghdad
Vulnerability in Linux “sudo” Command Permits Anyone to Run Commands as Root
OVERVIEW Yesterday (October 14, 2019), a vulnerability was disclosed in the Linux Sudo command (CVE-2019-14287) that permits any user to execute commands as root (the Linux superuser). A very good full analysis of the flaw and how to exploit it is located at https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html. Assura’s Take This is an easy one: update Linux systems so that it uses… Continue reading Vulnerability in Linux “sudo” Command Permits Anyone to Run Commands as Root
New Major Flaw Found in Intel and (Possibly) AMD Processors
Good afternoon – Overview Last night US-CERT (the Department of Homeland Security’s Computer Emergency Response Team) announced the public disclosure by researchers at endpoint security protection company Bitdefender of a new CPU-level information compromise vulnerability. Dubbed “SWAPGS”, the vulnerability is used to execute a “side channel” attack similar to the Spectre vulnerability announced (along with… Continue reading New Major Flaw Found in Intel and (Possibly) AMD Processors
Cyber Heads-Up: Week of July 29th
Good morning! This week, we’ve got a doozie for you. As usual, the bad guys are busy trying to find their next way into a system they don’t belong in. Read on to find out more about them, and our take on what exactly is going on. Alert 1: Microsoft OneNote Audio Note Phishing Emails … Continue reading Cyber Heads-Up: Week of July 29th