Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Continue Reading Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

FBI warns of video-teleconferencing hijacking “Zoom-bombing”

As the COVID-19 crisis continues to spread, larger numbers of enterprises and learning organizations are moving meetings and classrooms online via video-teleconferencing (VTC) platforms. The FBI has issued a new warning of recent VTC attacks and also offered guidance on how to better security VTC platforms.

Continue Reading FBI warns of video-teleconferencing hijacking “Zoom-bombing”

APT41 launches broad cyber campaign with multiple exploits

Researchers from FireEye have discovered Chinese cyber threat group APT41 carry out a broad cyber campaign between January 20 and March 11, 2020. The actors have attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central products against 75 FireEye customers.

Continue Reading APT41 launches broad cyber campaign with multiple exploits

Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic

To prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), more organizations are electing to have their employees work remotely from home. With that responsibility, more organizations will need to adopt a heightened level of security to protect themselves from attackers who look to exploit weaknesses in enterprise virtual private networks (VPNs).

Continue Reading Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic

Cisco patches vulnerabilities in multiple products

Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.

Continue Reading Cisco patches vulnerabilities in multiple products

Cisco patches vulnerabilities in multiple products (one Critical CVE-2020-3158)

Cisco has released security updates for multiple products to include IOS, Email Security Appliance, Data Center Network Manager and other products. One of the updates also addresses a critical vulnerability in Cisco's Smart Software Manager On-Prem.

Continue Reading Cisco patches vulnerabilities in multiple products (one Critical CVE-2020-3158)