Don’t You Be My Neighbor – Specially Crafted IPv6 Packet Causes Blue Screen of Death

Overview: On October 13, US-CERT and US Cyber Command issued a Tweet urging organizations and users to install updates released as part of Microsoft’s “Patch Tuesday” security and feature updates. This round of patches closes a particularly nasty vulnerability where a specially crafted IPv6 packet can induce a computer to crash and reveal the dreaded…

A vulnerability called “SIGRed” (CVE-2020-1350) exploits a buffer overflow within the way that Windows DNS Servers process SIG resource record types.

Recently, Check Point researcher Sagi Tzadik published a blog post announcing a new attack against Windows DNS Servers which can allow an attacker to create Denial-of-Service conditions and possibly gain Domain Administrator access. What makes this specific vulnerability unique is that it isn’t really new; it has been around for 17 years, it is just that no one has discovered it…

Dark Web Intelligence Firm Reports New Attacks Against Zoom Users

Overview: Staying with the recent theme of attacks on the work-from-home model, we’re back with another warning about Zoom. It’s not that we have anything against Zoom, but the platform rapidly became part of the cultural lexicon over the last couple of months due to the COVID-19 pandemic. With the move to work-from-home,…

Attack Against Azure AD Pass-Through Authentication Agent can Compromise Azure/Office 365 Tenants

Overview: Recently, Varonis researcher Eric Saraga published a blog post announcing a new attack against Azure Active Directory (Azure AD) which can allow an attacker to log in as any synchronized user. The attack method exploits a flaw in the Pass-Through Authentication (PTA) password verification method of allowing users to use their on-premises Active Directory credentials to…

Hackers Exploiting the Introduction of Video-Teleconferencing into Your Environment

Overview: With most employers shifting to a work-from-home (WFH) model, attackers are chomping at the bit to exploit the introduction of video-teleconferencing (VTC) into your environment. VTC programs such as Zoom, GoToMeeting, or Microsoft Teams are not anything new, and neither is their exploitation, but with much of the workforce becoming dependent on…

New Phishing Attack Tells Recipient They May Have Contracted COVID-19

Overview: As the world continues to face the COVID-19 pandemic, attackers are preying on our fears more than ever. There is no depth to which cybercriminals will not sink, even in the case of a worldwide crisis. It’s unfortunate, but some people just want to watch the world burn. For instance… A recent phishing campaign…

Cisco Smart Install Feature Still Poses Significant Security Vulnerability

Overview: Assura performs a significant number of penetration tests for our clients, and we like to communicate the trends that we see as we do these. During the last three, we’ve seen a recurring severe configuration vulnerability using the Smart Install feature of devices running Cisco’s IOS and IOS XE operating systems pop up and felt the…

PATCH NOW: Two Severe Vulnerabilities in Microsoft’s First “Patch Tuesday” of 2020

Overview: If you haven’t already heard about these in the press, we’re here to tell you about them. On Tuesday of this week (14 January 2020), the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released advisory number AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems. CryptoAPI spoofing vulnerability – CVE-2020-0601: This vulnerability affects…

Today is the Day that Windows 7 and Server 2008/R2 Security Updates End

Overview: If you’re in IT (and haven’t been living under a rock), you know that today is the day that Microsoft officially ends extended support for Windows 7, Windows Server 2008, and Windows Server 2008 R2. We went through this back in April of 2014 and July of 2015 when the same thing happened with Windows…

Iranian Espionage/Cyber Warfare Threat Briefing

Overview: Our friends and partners at Dark Web intelligence firm IntSights have an excellent (and relatively short) threat briefing about Iranian cyber threat actors and the tactics they use for cyber espionage and warfare. The briefing includes recommendations for mitigation of these threats. The briefing can be downloaded at https://wow.intsights.com/rs/071-ZWD-900/images/Threat%20Brief_Iran.pdf. A list of Indicators of Compromise (IOCs)…