Protecting a university’s network against both hackers and a student workforce.

Challenge:  A university approached Assura with a need to meet all the necessary regulatory requirements, including Commonwealth of Virginia cybersecurity standards, PCI DSS, FERPA, and HIPAA.  In addition, they had a unique challenge that most other organizations don’t have. Because they employ students to help run various aspects of the school, they also needed a…

ProDefense™ XDR: Quickly secures a global company’s all-new virtual call center.

Challenge:  A U.S. government contractor tapped a global company that specialized in workforce mobilization and staffing to create and staff a call center. Typically, this would not have been a significant challenge. However, this happened at the peak of the COVID-19 global pandemic, which meant the data center needed to be 100% remote while still…

Delivering election security for 11 Virginia localities in a single coordinated effort.

Challenge:  The Federal Emergency Management Agency (FEMA) challenged the state of Virginia with helping to secure elections. A part of this challenge was making government localities cyber secure as well. FEMA offered a grant to help small localities achieve the level of security required.  Eleven government localities came to Assura for help meeting the cybersecurity…

Update 2: Severe Zero-Day Vulnerability in Apache Log4j Package Hits the World

December 20, 2021: A new Denial of Service vulnerability was announced over the weekend by The Apache Foundation. They now recommend that software vendors and IT departments use version 2.17.0. This means that systems that were patched as of Friday, December 17, 2021 may need to have another patch applied. Assura continues to recommend following…

Fractional Information Security Officer: 3 Questions to Ask When Determining if Your Business Needs One.

Every week – if not every day, seemingly – an organization makes headlines for experiencing a cyber-attack. Sadly, for every Microsoft Exchange crisis, there are scores of small and medium-sized businesses (SMBs) wrestling with a data breach. While SMBs have been known to leverage fractional C-suite consultants for needs like accounting and HR, in the current…

I do not like HiveNightmare, SeriousSam. I do not like it here or there. I do not like it anywhere!

TL;DR No, it’s not a new Dr. Seuss story – it’s a recently discovered zero-day exploit (CVE-2021-36934, known as HiveNightmare or SeriousSam) that allows an attacker to read the contents of a Security Account Manager (SAM) file on Windows 10 and 11 systems with non-administrator user privileges. In the Assura’s Take section, we provide two…

Windows Print Spooler “PrintNightmare” Vulnerability, Exploits

TL;DR There is a Windows vulnerability that uses Print Spooler to gain remote code execution on devices. In the Assura’s Take section, we offer three mitigation options: 1. Disable the print spooler service, 2. Apply an ACL to restrict print driver installation/upgrades, 3. Disable remote connections to the Print Spooler. Overview Recently, the security research…

Kaseya’s VSA Supply Chain Ransomware

TL;DR A supply chain exploit of Kaseya’s VSA Remote Management service puts customers of managed service providers (MSPs) using this tool at risk of REvil ransomware.  Assura recommends anyone using Kaseya VSA to follow Kaseya guidance on server hardening when available, and also download and run the indicator of compromise (IOC) scanning tool linked below…

Verkada Cameras Hacked and New Microsoft DNS Server Vulnerability

It’s been quite a few months in the cyber security world, and last week was no exception with two major vulnerabilities concerning Verkada cameras and Windows DNS servers. Both vulnerabilities are unpacked in the below CHU alerts! Alert 1: Verkada Cameras Hacked, Leads to Network Compromise of Cloudflare, Tesla, and more Overview On March 9,…

Update to HAFNIUM/Microsoft Exchange Server zero-day vulnerabilities

Overview On March 4, 2021 we posted a Cyber Heads-Up article titled, “Chinese State-Sponsored Group HAFNIUM Exploiting Exchange Zero-Day Vulnerabilities – PATCH NOW”. Today, we are revisiting this attack campaign with updates about what Assura and other security firms are seeing during response efforts. If you are just hearing about the HAFNIUM campaign, please refer…