Cybersecurity

CISA Insights on Risk Considerations for Managed Service Provider Customers

The Cybersecurity and Infrastructure Security Agency (CISA) released a new Insights, Risk Considerations for Managed Service Provider Customers (MSPs), which provides a framework that government and private sector organizations (to include small and medium-sized businesses) outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk. As CISA notes, IT managed services can provide cost benefits and operational efficiencies to many organizations. However, managing these services can be complex, costly, and time-consuming.

Read more about CISA Insights on Risk Considerations for Managed Service Provider Customers

Vulnerability Management – Netgear Smart Switches Vulnerable to Authentication Bypass

On September 3, 2021, Netgear issued patches for three authentication bypass vulnerabilities impacting several of its smart switches. The vulnerabilities have been dubbed Demon’s Cries, Draconian Fear, and Seventh Inferno and allow for complete takeover of the affected devices.

Read more about Vulnerability Management – Netgear Smart Switches Vulnerable to Authentication Bypass

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 2, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 2, 2021

Security Awareness – Cybercrime Recruiting for BEC Accomplices

Although ransomware incidents persistently make international headlines, Business Email Compromise (BEC) is still a global menace and may become more difficult to detect. In 2020, BEC cost U.S. businesses $1.8 billion and represented 43 percent of all cybercrime losses for the year. Researchers at the cybersecurity firm Intel 471 recently observed actors on multiple cybercrime forums seeking partnerships with other criminals to engage in BEC attacks.

Read more about Security Awareness – Cybercrime Recruiting for BEC Accomplices

Vulnerability Management – Exchange Servers are Finicky to Patch, but Shouldn’t be Overlooked

No one plans on compounding deferred patches, but when error messages are confounding, we often move on to seemingly more immediate (and less frustrating) fires. This initial patch deferment often lasts months, or even years until the device is either compromised or replaced (often due to end-of-life). For instance, several events this year have highlighted the significant vulnerabilities affecting unpatched Microsoft Exchange Servers and the subsequent risk that presents to the system or an entire network.

Read more about Vulnerability Management – Exchange Servers are Finicky to Patch, but Shouldn’t be Overlooked

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - August 31, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Sensormatic Electronics KT-1

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - August 31, 2021

Cyber Resilience – Don’t Let Ransomware Make you Labor (Day)

Pardon the reprise of a similar holiday-themed post from last year, Don’t Let Ransomware Steal Your Independence (Day), but if the shoe (and the sentiment) fits…

Read more about Cyber Resilience – Don’t Let Ransomware Make you Labor (Day)

CISA Adds the Next (#3) Cybersecurity Bad Practices to its Catalog – Updated August 31, 2021

Bad Practice #3 – Use of Single-Factor Authentication (SFA)

Read more about CISA Adds the Next (#3) Cybersecurity Bad Practices to its Catalog – Updated August 31, 2021

ProxyToken – the Most Recent Microsoft Exchange Vulnerability

Another vulnerability associated with Microsoft Exchange Server has been disclosed. The flaw, dubbed “ProxyToken,” allows remote attackers to bypass authentication and alter an Exchange email server’s backend configuration. This vulnerability could be exploited by a threat actor to copy all emails sent to a specified target account and then forward those emails to a separate account controlled by the attacker.

Read more about ProxyToken – the Most Recent Microsoft Exchange Vulnerability

Cybersecurity Hygiene – Password Re-use, not Just for Users

Users are not the only ones to suffer from password re-use across multiple sites, services, or devices. Unfortunately, many system administrators use the same passwords for local administrator access across all workstations for ease of technical support. But what’s good for the sysadmin, is also good for the threat actor who gains access to password hashes. Pen Test Partners (PTP) briefly discusses the issues with admin password re-use and suggests a more secure solution than using the same local admin password across all workstations.

Read more about Cybersecurity Hygiene – Password Re-use, not Just for Users

You are here

Cybersecurity

CISA Insights on Risk Considerations for Managed Service Provider Customers

Vulnerability Management – Netgear Smart Switches Vulnerable to Authentication Bypass

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 2, 2021

Security Awareness – Cybercrime Recruiting for BEC Accomplices

Vulnerability Management – Exchange Servers are Finicky to Patch, but Shouldn’t be Overlooked

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - August 31, 2021

Cyber Resilience – Don’t Let Ransomware Make you Labor (Day)

CISA Adds the Next (#3) Cybersecurity Bad Practices to its Catalog – Updated August 31, 2021

ProxyToken – the Most Recent Microsoft Exchange Vulnerability

Cybersecurity Hygiene – Password Re-use, not Just for Users

Pages

You are here

Cybersecurity

Pages

Footer Email Signup