Security News

CISA Offers New Mitigation for PrintNightmare Bug
2021-07-02 12:21

The U.S. government has stepped in to offer a mitigation for a critical remote code execution vulnerability in the Windows Print Spooler service that may not have been fully patched by Microsoft's initial effort to fix it. In the meantime, Microsoft Thursday put out a new advisory of its own on PrintNightmare that assigns a new CVE and seems to suggest a new attack vector while attempting to clarify confusion that has arisen over it.

Microsoft shares mitigations for Windows PrintNightmare zero-day bug
2021-07-02 06:56

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

Hiccup in Akamai’s DDoS Mitigation Service Triggers Massive String of Outages
2021-06-17 12:50

Major financial institutions, airlines and the Hong Kong stock exchange were knocked offline by a backfiring distributed denial-of-service mitigation service Thursday. The hour-long outage, which was triggered at approximately 1 a.m. EST Thursday, is tied to Akamai Technology's anti-DDoS Prolexic service.

Kinetic Business DDoS Mitigation Service helps customers protect networks from attacks
2021-06-10 02:30

Kinetic Business introduced DDoS Mitigation Service, a fully managed service that monitors, detects, validates and mitigates attacks-even on third-party networks -before an outage or related damage occurs. Kinetic's DDoS Mitigation Service uses a network of highly scalable scrubbing centers that ingest and inspect attack traffic upstream from the customer's network.

Webinar Today: DDoS Attack Trends and Mitigation Strategies
2021-04-22 14:24

DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. While there are no signs of DDoS attacks going away anytime soon, how do organizations ensure that their Internet assets are protected against threats of any size or kind?

Infosecurity transformation and building proactive mitigation strategies
2021-04-22 04:30

His focus on information security began when he served in the U.S. Army, where he spent years identifying vulnerabilities and working on mitigation strategies to protect the network. From there, he served with NATO, where he played a very active role in cultivating a proactive security culture.

Linux Kernel Vulnerabilities Can Be Exploited to Bypass Spectre Mitigations
2021-03-30 12:17

Recent Linux kernel updates include patches for a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Symantec reported on Monday that Piotr Krysiuk, a member of its Threat Hunter team, has identified two new vulnerabilities in the Linux kernel that can be exploited to bypass mitigations for the Spectre vulnerabilities.

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems
2021-03-29 04:49

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. While CVE-2020-27170 can be abused to reveal content from any location within the kernel memory, CVE-2020-27171 can be used to retrieve data from a 4GB range of kernel memory.

Microsoft Defender adds automatic Exchange ProxyLogon mitigation
2021-03-19 11:40

Microsoft Defender Antivirus will now protect unpatched on-premises Exchange servers from ongoing attacks by automatically mitigating the actively exploited CVE-2021-26855 vulnerability. The Microsoft Defender automatic protection from active attacks targeting unpatched Exchange servers works by breaking the attack chain.

Microsoft releases one-click Exchange On-Premises Mitigation Tool
2021-03-16 11:10

Microsoft has released Exchange On-Premises Mitigation Tool, which quickly performs the initial steps for mitigating the ProxyLogon flaw on any Exchange server and attempts to remediate found compromises. "This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching," Microsoft explained.