Enterprises running Kaseya VSA remote monitoring and management tools should shut down servers running the service immediately, Fred Voccola, CEO of IT company Kaseya said in a warning posted on Friday. Attackers behind the ransomware attack are disabling administrative access to VSA once they have access to the victim network, complicating efforts to contain and remove the ransomware.
The FBI is remotely hacking hundreds of computers to protect them from Hafnium In what’s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking themselves using the original hackers’ own tools
If you were running Exchange on-premises in March of 2021 you absolutely must take action now. Chances are that if you are reading this and are not aware of Hafnium your systems have already been breached and total LSASS dump and entire domain compromise is more than likely. Why is this such a big deal? Because Exchange servers by nature must be made available to the internet to send and receive email.
Solarwinds Orion was breached today in a manner that is consistent with some of the most advanced persistent threats (APT) we’ve seen. An advanced persistent threat (APT) is a broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data.
Recent light shed on Grammarly indicates MAJOR security issues. From redditor noobmode, “It basically keylogs everything in the browser and the desktop, I believe, if you have the desktop app. You have no control over how the data is handled at the end of the day. Ther’s no contract you can leverage to enforce data policies or obfuscation of sensitive data. Its a major security risk in my personal opinion. I don’t even use it at home considering it would potentially keylog my username/passwords, my personal sensitive information on sites (if you are applying for a job DOB/SSN/etc), and anything else that doesnt need to be out there.” Read more…
NSA’s Top Ten Mitigation Strategies counter a broad range of exploitation techniques used by Advanced Persistent Threat (APT) actors. NSA’s mitigations set priorities for enterprise organizations to minimize mission impact. The mitigations also build upon the NIST Cybersecurity Framework functions to manage cybersecurity risk and promote a defense-in-depth security posture. The mitigation strategies are ranked by effectiveness against known APT tactics. Additional strategies and best practices will be required to mitigate the occurrence of new tactics.
On Tuesday, July 14, 2020, Microsoft released a patch for a 17-year-old remote code execution (RCE) vulnerability in Windows Domain Name System (DNS) servers discovered by Check Point researchers—and disclosed in CVE-2020-1350. While there is a patch, organizations that are able to can quickly deploy the following registry entry to all Microsoft DNS servers to help block any in-development/in-use exploits:
Facebook got itself into a sensitive data scandal when it did shady business with Cambridge Analytica, Instagram confirmed a security issue exposing user accounts and phone numbers, but these apps are basically online security havens compared to TikTok.
Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, recorded in March 2018.