Blog

read more

Original release date: August 9, 2019

The National Cyber Security Alliance (NCSA) and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday, August 13, 2019 from 2-3 p.m. ET.

The Cybersecurity and Infrastructure Agency (CISA) encourages small businesses to register for the webinar and visit CISA’s Resources for Business page to learn how to defend against cyber criminals.

A security vulnerability discovered and patched 10 years ago has remained unaddressed in various Avaya phones until recently, McAfee security researchers have discovered. 

read more

In May 2019 (updated in June), F5 issued a security advisory about a potential injection issue in the Tool Command Language (TCL) as used with its BIG-IP load balancers. Load balancers are essential to ensure consistent web services in high volume circumstances, and BIG-IP is popular with banks, governments and large corporations.

read more

Repurposing Mac malware is not a difficult task for someone with reverse-engineering skills, and it’s a far simpler approach compared to writing malware from scratch, a researcher has demonstrated.

read more

Broadcom announced plans Thursday to buy the enterprise unit of cybersecurity firm Symantec Corp. for $10.7 billion in a move to further diversify the US semiconductor maker.

read more

Malicious actors could use rogue engineering workstations to take control of Siemens programmable logic controllers (PLCs), and they can hide the attack from the engineer monitoring the system, researchers from two universities in Israel have demonstrated.

read more

read more

In the past, data protection regulation has largely been concerned with preventing the theft of personal data. Security and security products have focused on preventing breaches -- no breach effectively meant no failure of data protection compliance.

read more

The growth of IoT devices has highlighted the difficulties in ensuring firmware security -- especially where the device and software are initially sourced from third parties, or developed under time pressures in-house. Now a new firmware analyzer has been released to open source on GitHub.

read more

Researchers from security firm IOActive have discovered a series of vulnerabilities and attacks that they believe could be possible on Boeing's 787 Dreamliner.

read more

Original release date: August 8, 2019

The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
 
The ACSC provides recommendations for organizations to detect and mitigate these types of attacks against their external services, such as webmail, remote desktop access, or cloud-based services.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on password spraying attacks and the following CISA tips:
•    Choosing and Protecting Passwords
•    Supplementing Passwords

Original release date: August 8, 2019

Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

Original release date: August 8, 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Webex Network Recording Player and Webex Player Arbitrary Code Execution Vulnerabilities cisco-sa-20190807-webex-player Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability cisco-sa-20190807-nfvis-vnc-authbypass IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability cisco-sa-20190807-iosxr-isis-dos-1918 IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability cisco-sa-20190807-iosxr-isis-dos-1910 Adaptive Security Appliance Software Web-Based Management Interface Privilege Escalation Vulnerability cisco-sa-20190807-asa-privescala Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities cisco-sa-20190806-sb220-rce Small Business 220 Series Smart Switches Authentication Bypass Vulnerability cisco-sa-20190806-sb220-auth_bypass

Original release date: August 6, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1—that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer systems' memory.

Spectre is a flaw an attacker can exploit to force a program to reveal its data. The name derives from "speculative execution"—an optimization method a computer system performs to check whether it will work to prevent a delay when actually executed. Spectre affects almost all devices including desktops, laptops, and cloud servers.

CISA encourages users and administrators to review the following guidance, refer to their hardware and software vendors for additional details, and apply an appropriate patch when available:

Microsoft: Windows Kernel Information Disclosure Vulnerability Red Hat: Spectre SWAPGS gadget vulnerability Google: Spectre Side Channels

Original release date: August 6, 2019

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to these events.

To avoid becoming a victim of malicious activity, users and administrators should consider taking the following preventive measures:

Use caution when opening email attachments, and do not click on links in unsolicited email messages. Refer to CISA’s Tip on Using Caution with Email Attachments. Review CISA’s Tip on Staying Safe on Social Networking Sites. Refer to CISA’s Tip on Avoiding Social Engineering and Phishing Attacks. Review the information from the Federal Trade Commission on Before Giving to a Charity.

Original release date: August 3, 2019

VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0012 and apply the necessary updates and workarounds.

Original release date: August 2, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Cylance Antivirus products. A remote attacker could bypass Cylance antivirus detection.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#489481 and the Cylance Resolution for BlackBerry Cylance Bypass webpage for patch information and additional recommended workarounds.

Original release date: August 1, 2019 | Last revised: August 2, 2019

The Internal Revenue Service (IRS) has issued a news release warning tax professionals of the continued threat of phishing emails. Phishing emails are one of the most common ways cyber criminals steal sensitive data. Educating personnel on the risks posed by phishing emails is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and the CISA Tip on Avoiding Social Engineering and Phishing Attacks for more information.

Original release date: August 1, 2019

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The guide provides e-commerce organizations multifactor authentication (MFA) protection methods they can implement to reduce fraudulent purchases.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages e-commerce organizations to download the guide to learn how to prevent e-commerce fraud using MFA solutions.