Tag: patched | Page 4

Cyber Security Today, April 15, 2022 – A new botnet discovered, low MFA adoption and a Struts bug finally patched

April 15, 2022/in Internet Security

A new botnet discovered, low MFA adoption and a Struts bug finally patched.

Welcome to Cyber Security Today. It’s Friday April 15th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Thanks for taking the time to tune in if this is a holiday Friday for you.

&nbsp

A new denial of service botnet has been discovered by security researchers in China. Called Fodcha, it’s adding 100 new infected devices to the estimated 62,000 enslaved devices already on the network. Most are in China. Devices are being compromised by Fodcha malware either through known vulnerabilities or weak passwords on Android servers, GitLab accounts and certain brands of routers. Some are made by Totolink. Last week I reported that another botnet was also compromised of certain unpatched models of Totolink routers.

I regularly quote cybersecurity experts saying implementing multifactor authentication is one of the best things IT leaders can do to lower the risk of a successful cyberattack through compromised passwords. So, here are some disturbing numbers from a report released this week by Trellix: Less than half of U.S. government agency respondents to a survey said their organization has fully developed MFA. At least that’s better than the critical infrastructure sector — which includes banks, transportation companies and utilities. Only 37 per cent of American firms in that sector had implemented MFA. Guest commentator Terry Cutler and I will talk about MFA and other identity management technologies in the Week in Review podcast later today.

Apache has admitted a fix for the Struts Java web application development platform issued two years ago didn’t do the job. It has now put out what it says is a patch that solves the problem. It’s serious enough that the U.S. Cybersecurity and Infrastructure Security Agency is urging users to upgrade to version 2.5.30.

Attention hospital IT administrators: If your facility uses the Aethon TUG wireless smart robot cart for delivering medicine or maintenance supplies, the Homebase server needs to be patched. Researchers at Cynerio have discovered five vulnerabilities that could allow an attacker to take remote…

Source…

Microsoft warns even patched Exchange servers can still be attacked

March 29, 2021/in Internet Security

Microsoft’s analysis of the series of attacks that exploit the now-fixed zero-day vulnerabilities on Exchange servers reveals that the threat doesn’t end simply by applying patches.

Chinese state-sponsored threat actor Hafnium was blamed for being the first to exploit the vulnerabilities known as ProxyLogon vulnerabilities. Utilities such as Microsoft’s one-click tool has helped ensure that over 90% servers, several at small business that lack dedicated IT and security teams, have now plugged the vulnerabilities. However, the threat is far from over.

“Many of the compromised systems have not yet received a secondary action, such as human-operated ransomware attacks or data exfiltration, indicating attackers could be establishing and keeping their access for potential later actions,” the company warned.

TechRadar needs you!

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Second wave?

Even though a majority of the servers have been patched, the cause of concern are reports from security experts such as ESET, which had observed over 5000 compromised servers.

In the weeks following the disclosure of the vulnerabilities and the release of the patches, security researchers picked up several attacks on Exchange servers such as the human-operated DearCry ransomware attack.

In a blog post, the Microsoft 365 Defender Threat Intelligence Team has now shared “threat trends” that it has observed as part of its investigations into the attacks.

Besides human-operated attacks that drop malware such as ransomware into the servers, the team has picked up on several instances of web shell attacks and credential theft. The researchers believe these could potentially be used for follow up attacks.

They’ve shared detailed analysis into several known post-compromise activities, while urging administrators to exercise credential hygiene in order to prevent the threat actors from regaining access to the servers.

It has also published tools and guides to help remove known web shells and attack tools, while sharing…

Source…

Chrome gets patched again, but 83% of users aren’t running the latest version | 2020-11-20

November 20, 2020/in Mobile Security

Chrome gets patched again, but 83% of users aren’t running the latest version | 2020-11-20 | Security Magazine

Source…

Windows has a zero-day that won’t be patched for weeks – Naked Security

March 31, 2020/in Internet Security

Windows has a zero-day that won’t be patched for weeks Naked Security
Microsoft Alerts Of Zero-Day RCE Vulnerability In Windows 7 Under Exploit Cyber Security News
New Windows flaw uses malicious documents to attack you Komando
Microsoft Warns Hackers Targeting Unpatched RCE Windows Flaws HealthITSecurity.com
Microsoft Admits Windows OS Contains Two New 0-Day RCE Vulnerabilities Being Exploited In The Wild, Here’s A Working Solution Appuals
View Full Coverage on read more

“zero day exploit” – read more

Tag Archive for: patched