Systems Engineering is aware of the FBI and CISA joint security advisory indicating threat actors are potentially using multiple Common Vulnerabilities and Exposures (CVEs) to exploit Fortinet operating systems, known as FortiOS. The advisory calls out three vulnerabilities that may be used to gain access to business networks to begin data exfiltration or data encryption attacks. Vulnerabilities include:
Systems Engineering is aware of multiple vulnerabilities within Cisco Jabber Client software. These vulnerabilities affect Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for Mobile platforms. Vulnerabilities include:
Qualys Cloud Platform is the incident response and breach prevention vendor used at Systems Engineering to perform monthly external vulnerability scans for our customers. Recently, Qualys released a statement relating to a previously identified zero-day exploit in one of their third-party solutions (Accellion FTA).
UPDATE MARCH 8, 2021
Systems Engineering learned of the Exchange on-premises server vulnerability on Tuesday, March 2nd, and activated our incident response plan.
On Tuesday, January 26, 2021, Apple support released a new update for iPhone and iPad with security fixes for three vulnerabilities that may have been actively exploited. The latest version of iOS & iPadOS 14.4 fixes the security bugs that may be under active attack by hackers.
UPDATE FOR THURSDAY, JANUARY 21
As you may have seen in the headlines, Malwarebytes recently announced it was targeted by the same threat actor who attacked SolarWinds. After an extensive investigation, Malwarebytes reported their Microsoft Office 365 and Azure environments were targeted, but they found “no evidence of unauthorized access or compromise in any internal on-premises and production environments.”
On Friday, September 18, 2020, Homeland Security Cybersecurity & Infrastructure Security Department issued an Emergency Directive regarding the Windows Server Netlogon Elevation of Privilege Vulnerability. This Windows server operating system vulnerability could allow a cyber attacker to gain access to your Domain Controller (authentication server). From there, the attacker can give themselves administrative privileges for your network, start to run malicious software, and exfiltrate sensitive data.
Office 2010 will reach end-of-support on October 13, 2020. After this date, Microsoft will no longer provide technical support, bug fixes, or security updates for Office 2010. You will be able to continue using this version of Office, but by upgrading before any product falls out of support, your business minimizes risks, including reducing exposure to security threats, remaining in compliance, and continuing to receive the latest product updates and support.
The FBI recently released a private industry notification (PIN) warning businesses about the increase in end-of-life attacks. "The FBI has observed cybercriminals targeting computer network infrastructures after an operating system achieves end-of-life status," the bureau said.
Cisco released a collection of 12 Security Advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. The collection includes High Risk Vulnerabilities that could give an attacker unauthenticated access to the affected device’s file system. This vulnerability can also cause a Denial of Service (DoS). This means a firewall would be incapable of passing through internet traffic and require a system reboot.