Category: Blog

Govt warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software

VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies.
The Department of Homeland Security has issued a warning that some VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user’s system.
The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) warning comes on the heels of a notice from Carnegie Mellon’s CERT that multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. Read more…

Asus software updates were used to spread malware

Asus’ software update system was hacked and used to distribute malware to about 1 million Windows computers, according to the cybersecurity firm Kaspersky Lab. The malware was disguised as a “critical” software update, distributed from Asus’ servers, and signed using a real Asus certificate that made it appear to be valid. Details of the hack were first revealed by Motherboard, and Kaspersky plans to release more details at an upcoming conference. Read more…

Newly Patched WinRAR Vulnerability Existed for 19 Years

The year 2000 was historic for a few reasons beyond the obvious emotional resonance of rolling over all the digits. There was a contested US presidential election, Y2K turned out to be overblown, and it was the first year those New Year’s glasses with the eye holes in the zeros made sense. It was also the year WinRAR introduced a serious vulnerability into its Windows application. That bug was just discovered after 19 years by researchers at Check Point Software. Oops. Read more…

Find out how much longer Windows 7 is safe to run on your PC

Windows 7 was one of Microsoft’s best-loved computing operating systems and most of us are still using it.
According to NetMarketShare’s September 2018 data, 40.88% are still using Windows 7 – compared to the 37.44% who have moved on to the latest operating system, Windows 10.
But like all operating systems before it, Windows 7 will eventually reach the end of its lifecycle, making an upgrade an absolutely essential task for the safety of your PC. Read more…

GandCrab ransomware and Ursnif virus spreading via MS Word macros

Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware.

Though both malware campaigns appear to be the work of two separate cybercriminal groups, we find many similarities in them. Both attacks start from phishing emails containing an attached Microsoft Word document embedded with malicious macros and then use PowerShell to deliver fileless malware. Read more…

Exchange Server 2010 End of Support is (Still) Coming

Exchange Server, like almost all Microsoft products, has a support lifecycle during which we provide new features, bug fixes, security fixes, and so on. This lifecycle typically lasts for 10 years from the date of the product’s initial release, and the end of this lifecycle is known as the product’s end of support. When Exchange 2010 reaches its end of support on January 14, 2020, Microsoft will no longer provide:

  • Technical support for problems that may occur
  • Bug fixes for issues that are discovered and that may impact the stability and usability of the server
  • Security fixes for vulnerabilities that are discovered and that may make the server vulnerable to security breaches
  • Time zone updates

Your installation of Exchange 2010 will continue to run after this date. However, due to the changes and risks listed above, we strongly recommend that you migrate from Exchange 2010 as soon as possible. Read more…

Microsoft to end support for Windows 7 in 1-year from today

A new reminder for those who are still holding on to the Windows 7 operating system—you have one year left until Microsoft ends support for its 9-year-old operating system.

So it’s time for you to upgrade your OS and say goodbye to Windows 7, as its five years of extended support will end on January 14, 2020—that’s precisely one year from today.

After that date, the tech giant will no longer release free security updates, bug fixes and new functionalities for the operating system that’s still widely used by people, which could eventually leave a significant number of users more susceptible to malware attacks. Read more…

Top 25 Cloud Backup Enablers List for January 2019

The market has witnessed the rise and fall of many start-ups and stabilization of others. Interestingly, the companies that have gained a strong foothold in the industry are not all similar. There is a subtle distinction in the nature and types of services they offer. Some of these companies are pure enablers, while others combine enablement functions with direct-to-market services. Yet others may license the software from enablers with or without re-branding options and service the cloud backup service needs of their clients. Read more…

Self-Encrypting Drives Have Multiple Vulnerabilities

Vulnerability Note VU#395981

There are multiple vulnerabilities in implementations of ATA Security or TCG Opal Standards in Self-Encrypting Disks (SEDs), which can allow an attacker to decrypt contents of an encrypted drive.

There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user data. This can allow an attacker to access the key without knowing the password provided by the end user, allowing the attacker to decrypt information encrypted with that key.

According to National Cyber Security Centre – The Netherlands (NCSC-NL), the following products are affected by CVE-2018-12037:

  • Crucial (Micron) MX100, MX200 and MX300 drives
  • Samsung T3 and T5 portable drives
  • Samsung 840 EVO and 850 EVO drives (in “ATA high” mode these devices are vulnerable; in “TCG” or “ATA max” mode these devices are NOT vulnerable)

Read more…

SamSam Ransomware – Alert (AA18-337A)

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.

The SamSam actors targeted multiple industries, including some within critical infrastructure. Victims were located predominately in the United States, but also internationally. Network-wide infections against organizations are far more likely to garner large ransom payments than infections of individual systems. Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms. Read more…