Author: nlqip

Mar 13, 2024NewsroomPhishing Attack / Threat Intelligence A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,”…

Streaming company Roku has revealed that over 15,000 customers’ accounts were hacked using stolen login credentials from unrelated data breaches. In data breach notices to the Attorneys General for Maine and California, Roku said hackers accessed the accounts of 15,363 US residents in a campaign that lasted from December 28, 2023, to February 21, 2024.…

Configuring alerts
The primary reason to have a modern SIEM is for sophisticated real-time monitoring of your systems. But that has little value unless a human is monitoring the system for alerts or notifications (in the form of emails, text messages, or push notifications to mobile devices). The problem with alerts and notifications, as any…

Mar 13, 2024NewsroomPatch Tuesday / Software Update Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is…

Critical Infrastructure
What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems?
12 Mar 2024 • 4 min. read
This year, billions of people will go to the polls to decide their next political leaders. From India to the US,…

Apply the stable channel update provided by Adobe to vulnerable systems immediately after appropriate testing. (M1051: Update Software)
o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
o …

MS-ISAC ADVISORY NUMBER: 2024-027
DATE(S) ISSUED: 03/12/2024
OVERVIEW: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or…

There’s no shortage of cybersecurity tools for today’s Security Operations Centers (SOCs). As it turns out, however, that’s part of the problem in addressing the overwhelming task of monitoring, detecting, and responding to potential threats. This is the hangover from layered security strategies that have evolved as computer environments expanded from mainframes to encompass client-server…

Google’s new Security Command Center Enterprise (SCC Enterprise) could streamline cloud risk management through AI automation, saving security teams time, experts say. Enhanced with Mandiant threat intelligence and generative AI, SCC Enterprise aims to offer comprehensive insights across the cloud security lifecycle. Google Cloud has identified gaps in the protection provided by current cloud-native application…

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:
