Author: nlqip

MS-ISAC ADVISORY NUMBER: 2023-140 DATE(S) ISSUED: 12/12/2023 OVERVIEW: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or…

Read More

Frequently asked questions about two vulnerabilities affecting ConnectWise ScreenConnect Update February 23: The blog has been updated to include information about ransomware attacks involving vulnerable ScreenConnect servers. View Change Log Background The Tenable Security Response Team has put together this blog to answer Frequently Asked Questions (FAQ) regarding two vulnerabilities impacting ScreenConnect, a Remote Monitoring…

Read More

Attackers have exploited the flaw since late March After its initial discovery, Volexity was able to create a detection signature and went back through its customer telemetry to find past compromises. The earliest exploitation signs the company managed to find dated from March 26, but those incidents looked like attempts by UTA0218 to test the…

Read More

The conflict in Ukraine brings the possibility of increased cyberattacks targeting the public infrastructure of NATO nations and their allies, and could easily extend to corporations and other entities within those countries as well. The US CISA (Cybersecurity and Infrastructure Security Agency) has provided technical guidance and reporting methods at https://www.cisa.gov/shields-up which is an excellent…

Read More

As Covid-19 drives a higher volume of transactions online, the dance between cyber-criminals and security professionals has stepped up a beat. Enterprises are re-assessing the robustness of their systems, while bad actors are on the look-out for vulnerabilities to exploit. Under lockdown measures, organisations have been forced to reassess their physical environments. Now they must…

Read More

A wide variety of organizations fall under financial services, including banks of varying sizes, credit unions, insurance companies, government-sponsored financial institutions, stock exchanges, investment funds, payment processors, consumer finance lenders, brokerages, and companies that service the financial sector. We’ll look at all of these and note the differences in the data, starting with the largest…

Read More

Introduction F5 Labs attack series articles help you understand common attacks, how they work, and how to guard against them. What Is Cross-Site Scripting? Cross-site scripting, commonly referred to as XSS, is one of many types of insertion attacks that affect web-based applications and, by extension, their users. It occurs when a vulnerability in an…

Read More

Two vulnerabilities with publicly available exploit code in JetBrains TeamCity on-premises software could result in attackers bypassing authentication and achieving code execution. Update March 7: The blog has been updated to include information in-the-wild exploitation of CVE-2024-27198. View Change Log Background On March 4, JetBrains published a blog post regarding two security issues affecting TeamCity…

Read More

The importance of fostering a cybersecurity culture within organizations cannot be overstated. While technical security measures are crucial, employee behaviour plays a significant role in cyber defense. Leadership commitment is paramount, and executives should set the tone by actively promoting cybersecurity awareness. Tailored security awareness programs, engaging both employees and executives, are essential for keeping…

Read More

Every day, we hear about the new “innovative” ways that hackers use to infiltrate devices to inject ransomware or steal invaluable date. But hackers are also using data manipulation to make subtle modifications to data sets, which is particularly insidious and could potentially have a greater crippling effect on organizations than a data breach. As…

Read More