Security News

Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
2021-12-13 11:53

"The JNDI lookup feature of log4j allows variables to be retrieved via JNDI - Java Naming and Directory Interface. This is an API that that provides naming and directory functionality to Java applications. While there are many possibilities, the log4j one supports LDAP and RMI. In other words, when a new log entry is being created, and log4j encounters a JNDI reference, it will actually literally go to the supplied resource and fetch whatever it needs to fetch in order to resolve the required variable. And in this process, it might even download remote classes and execute them!".Don't underestimate the attack surface of the Remote code injection in Log4j.

While businesses are ramping up their risk mitigation efforts, they could be doing more
2021-11-03 04:30

Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk management. The survey results indicate that risk professionals are increasingly aware of their intensifying cyber risks and the need to manage them using risk mitigation and risk transfer.

Despite spending millions on bot mitigation, 64% of organizations lost revenue due to bot attacks
2021-10-25 04:00

The state of bot mitigation 64% of organizations lost more than 6% of their revenue due to bot attacks, and 32% lost 10% or more within the last year. 64% of organizations lost 6% or more of their revenue due to bot attacks, and 32% report that their organizations lost 10% or more of revenue within the last 12 months.

NSA warns of wildcard certificate risks, provides mitigations
2021-10-12 06:23

In a document released last week, the agency provides mitigations against the risks that come with the use of wildcard certificates. A wildcard digital certificate can be used with multiple subdomains on the same domain, so it can cover multiple servers, while a multi-domain certificate is used for multiple domains on a single IP address.

How collaboration between IT pros and senior leaders could drive the future of risk mitigation
2021-10-04 05:30

The recent SolarWinds IT Trends Report found 49% of IT pro respondents perceive their organization's senior leaders or decision makers have a heightened awareness of risk exposure, believing it's not "If" but "When" they will be impacted by a risk factor. Here, we look at how this awareness represents a greater opportunity for IT pros to collaborate with senior leaders and help ensure better risk mitigation for businesses.

Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
2021-09-08 12:24

Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. Microsoft has not revealed much about the MSHTML bug, tracked as CVE-2021-40444, beyond that it is "Aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," according to an advisory released Tuesday.

Kaseya patches Unitrends server zero-days, issues client mitigations
2021-08-26 15:10

American software company Kaseya has issued a security update to patch server-side Kaseya Unitrends zero-day vulnerabilities found by security researchers at the Dutch Institute for Vulnerability Disclosure. Kaseya Unitrends is a cloud-based enterprise backup and recovery solution provided as a stand-alone solution or an add-on for Kaseya's VSA remote management platform.

Microsoft shares mitigation for recent Windows Server printing issues
2021-07-30 12:00

Microsoft has released temporary mitigation info for a known issue that might cause print and scan failures on multiple Windows Server versions after installing July 2021 security updates on domain controllers. If the known issue still appears on up-to-date devices, affected customers should contact the device manufacturer and ask for setting changes or updates to make the printer or scanner compliant with CVE-2021-33764 hardenings deployed via July Windows 10 security updates.

Microsoft shares mitigations for new PetitPotam NTLM relay attack
2021-07-24 23:38

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct an NTLM relay attack discovered by French security researcher Gilles Lionel.

Microsoft shares mitigations for new PetitPotam NTML relay attack
2021-07-24 23:38

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct an NTLM relay attack discovered by French security researcher Gilles Lionel.