Chinese State Sponsored Group HAFNIUM Exploiting Exchange Zero-Day Vulnerabilities – PATCH NOW

Overview: Microsoft recently released out-of-band security updates to address four new vulnerabilities in Exchange Server (on-premises). The series of exploits is actively being used by malicious actors to steal emails and compromise internal networks. What Do We Know About This Attack? The Microsoft announcement contains four new vulnerabilities, which, when chained together, have glaringly evil results. Let’s…

10 Cyber Security Steps to Better Protect Your Organization in 2021

Cyber security is a growing concern for every organization in every industry. Already, many experts predict that cyber-attacks like phishing schemes and ransomware will significantly increase in 2021. As devastating as these attacks can be, there are a number of safeguards you can implement to better protect your organization. Here are 10 of the most effective…


Oversharing in the Age of COVID-19

To say that selfies have been popular for the last two decades would be an understatement. Everyone from celebrities to grandparents has been posting pictures online. In the Age of Covid, the posting of your Covid-19 vaccine record is just the latest selfie phenomenon. However, this trend is not without its dangers. You may be…

CISA Announces Active Exploitation of SolarWinds Orion Platform – What You Should Know

Overview: The Cybersecurity and Infrastructure Security Agency (CISA) released an alert regarding the active exploitation of the SolarWinds Orion platform. It was found by FireEye that SolarWinds Orion versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, were compromised in a supply chain attack. What Do We Know About This Attack? On Sunday, December…

Cyber Security Firm FireEye Reports Major Breach, Assura’s response and monitoring plan

Overview: Major news shocked the cyber security world yesterday (Tuesday, December 8) when FireEye, the parent company of Mandiant, announced they had been breached and their Red Team tools were stolen. Everyone can be breached, and we mean everyone. FireEye’s Mandiant division is the company everyone runs to when they experience a major breach! FireEye has handled…

There’s a Big Difference Between Good and Bad Cyber Security Training

Good cyber security training is a foundational aspect of any successful cyber security program. According to recent reports, more than 40% of data security breaches are the result of employee negligence. This can include unknowingly clicking on a phishing link or leaving sensitive information up on an unmonitored computer. This is why so many cyber security compliance…


Considerations When Developing a Cyber Security Budget

In many respects, a cyber security program with insufficient budget is like a car without enough gas to reach its destination. Not only will you not get where you need to go, when you eventually break down, you’ll find yourself in a particularly vulnerable spot. Your organization’s cyber security program is only as good as…


A Busy Week in Cyber Threats

Key Takeaways: It’s been a busy several days in cybersecurity. Below is an overview of the key events, followed by Assura’s take on these matters. Google announced the discovery of a zero-day privilege escalation flaw in Microsoft Windows, possibly dating back to Windows 7. The U.S. Department of Homeland Security, U.S. Cyber Command, and FBI…

Don’t You Be My Neighbor – Specially Crafted IPv6 Packet Causes Blue Screen of Death

Overview: On October 13, US-CERT and US Cyber Command issued a Tweet urging organizations and users to install updates released as part of Microsoft’s “Patch Tuesday” security and feature updates. This round of patches closes a particularly nasty vulnerability where a specially crafted IPv6 packet can induce a computer to crash and reveal the dreaded…

A vulnerability called “SIGRed” (CVE-2020-1350) exploits a buffer overflow within the way that Windows DNS Servers process SIG resource record types.

Recently, Check Point researcher Sagi Tzadik published a blog post announcing a new attack against Windows DNS Servers which can allow an attacker to create Denial-of-Service conditions and possibly gain Domain Administrator access. What makes this specific vulnerability unique is that it isn’t really new: it has been around for 17 years; it is just that no one has discovered it…