Subscribe to NetSec NewsMicrosoft's Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems. (By Ravie Lakshmanan, The Hacker News) Ingalls: Enhancing your patch management process to include vulnerability scanning, a robust remediation workflow, and metrics-based decision support from data collection can do a lot more for your risk management than simply plugging holes whenever a software vendor produces a patch. In our downloadable “8 Effective Cybersecurity Controls For SMBs” guide, we discuss how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program.
74% of Q1 Malware Was Undetectable Via Signature-Based Tools
Organizations relying on traditional signature-based tools to detect security threats would likely have missed roughly three-quarters of malware samples that hit their networks and systems last quarter, a new analysis shows.. (By Jai Vijayan, Dark Reading) Ingalls: phishing attacks are a good example of why you need endpoint protection. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection, and response guidance utilizing a defense-in-depth approach that monitors and correlates network activity with endpoints, logs, and everything in between.
Kaseya Rules Out Supply-Chain Attack; Says VSA 0-Day Hit Its Customers Directly
U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to distribute malware. While initial reports raised speculations that REvil, the ransomware gang behind the attack, might have gained access to Kaseya's backend infrastructure and abused it to deploy a malicious update to VSA servers running on client premises, in a modus operandi similar to that of the devastating SolarWinds hack, it has since emerged that a never-before-seen security vulnerability (CVE-2021-30116) in the software was leveraged to push ransomware to Kaseya's customers. (By Shimrit Tzur-David, The Hacker News) Ingalls: Unfortunately, ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware-based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?
Scammers Exploiting Kaseya Ransomware Attack To Deploy Malware
A new phishing campaign claims to offer a security update for Kaseya's VSA software but actually tries to install malware. Cybercriminals are already taking advantage of the ransomware attack against IT firm Kaseya to deploy spam designed to infect computers with Cobalt Strike-delivered malware. In a July 6 update to an ongoing blog and a tweet about the Kaseya incident, a security firm said that its Threat Intelligence team has detected a malicious spam campaign exploiting the Kaseya VSA attack. (By Lance Whitney, Tech Republic) Ingalls: Phishing attacks are a good example of why you need endpoint protection. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection, and response guidance utilizing a defense-in-depth approach that monitors and correlates network activity with endpoints, logs, and everything in between.
Can Managed Security Keep Businesses Safer?
In the last two decades, the cybersecurity industry has grown from a niche sector into a dominant force in the business world. Today, Gartner predicts that cybersecurity spending will reach $150 billion this year, almost double what was predicted in 2015. These figures highlight that the cybersecurity industry is growing exponentially and that cybersecurity protection is a top priority for businesses today. But, considering all the cyberattacks businesses are facing, this isn’t very surprising. (By George Daglas, Security Boulevard) Ingalls: Since 2010, we’ve been in war rooms and boardrooms investigating targeted attacks by criminals and nation-state-sponsored hackers. In this time of heightened activity, we know that IT teams are struggling to keep pace with the volume of security alerts and responses needed to keep environments protected. Contact us to learn more about our Managed Detection and Response (MDR) and Incident Response (IR) options.
