Tag Archive for technology

Adobe Releases Security Updates for Flash Player & Connect

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Connect. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletins APSB17-21 and APSB17-22 and apply the necessary updates.

The post Adobe Releases Security Updates for Flash Player & Connect appeared first on Naptown Buzz.

Microsoft Releases July 2017 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system.

US-CERT encourages users and administrators to review Microsoft’s July 2017 Security Update Summary and Deployment Information and apply the necessary updates.

SOURCE: US-CERT


WannaCry Ransomware Information

US-CERT Alert (TA17-132A)

According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in as many as 74 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages.

The latest version of this ransomware variant, known as WannaCry, WCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly over several hours, with initial reports beginning around 4:00 AM EDT, May 12, 2017. Open-source reporting indicates a requested ransom of .1781 bitcoins, roughly $300 U.S.

This Alert is the result of efforts between the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) to highlight known cyber threats. DHS and the FBI continue to pursue related information of threats to federal, state, and local government systems and as such, further releases of technical information may be forthcoming.

Description

Initial reports indicate the hacker or hacking group behind the WannaCry campaign is gaining access to enterprise servers either through Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows SMB vulnerability. Microsoft released a security update for the MS17-010 vulnerability on March 14, 2017. Additionally, Microsoft released patches for Windows XP, Windows 8, and Windows Server 2003 operating systems on May 13, 2017. According to open sources, one possible infection vector is via phishing emails.

Solution

Recommended Steps for Prevention

  • Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.
  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.
  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.
  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.
  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.
  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.
  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.
  • Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.
  • Have regular penetration tests run against the network, no less than once a year and ideally as often as is practical.
  • Test your backups to ensure they work correctly upon use.

Recommended Steps for Remediation

  • Contact law enforcement. We strongly encourage you to contact a local FBI field office upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.
  • Implement your security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup.

Defending Against Ransomware Generally

Precautionary measures to mitigate ransomware threats include:

  • Ensure anti-virus software is up-to-date.
  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
  • Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.
  • Only download software – especially free software – from sites you know and trust.
  • Enable automated patches for your operating system and Web browser.

More information is available at us-cert.gov/ncas/alerts/TA17-132A.


Mozilla Releases Firefox Security Updates (May 5, 2017)

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR.

An attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53.0.2 and Firefox ESR 52.1.1 and apply the necessary updates.


Microsoft Ending Security Updates for Windows 10 version 1507

After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates.

US-CERT encourages users and administrators to review Microsoft’s Windows 10 version 1507 post for more information and to apply necessary updates.

via: https://www.us-cert.gov/ncas/current-activity/2017/05/04/Microsoft-Ending-Security-Updates-Windows-10-version-1507


Google Releases Security Updates for Chrome

Google has released Chrome version 58.0.3029.96 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Chrome page and apply the necessary updates.


Intel Firmware Vulnerability in Active Management Technology, Standard Manageability, and Small Business Technology

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6.

This vulnerability does not affect Intel-based consumer PCs.

An attacker could exploit this vulnerability to take control of an affected system.

Users and administrators are encouraged to review Intel Security Advisory INTEL-SA-00075 and refer to their original equipment manufacturer (OEM) for updated firmware.

SOURCE: US-CERT


IBM Releases Domino Security Updates

IBM has released a security update to address a vulnerability in IBM Domino server IMAP EXAMINE. An attacker could exploit this vulnerability to take control of an affected system.

Available updates include:

  • Domino 9.0.1 Feature Pack 8 Interim Fix 2
  • Domino 8.5.3 Fix Pack 6 Interim Fix 17

Users and administrators are encouraged to review CERT Vulnerability Note VU#676632 and CVE-2017-1274 for more information and apply the necessary updates.

See us-cert.gov/ncas/current-activity/2017/04/25/IBM-Releases-Security-Update


US-CERT Computer Security Advisories (4/19/2017): Chrome, Mozilla, Cisco & Drupal

US-CERT released the following computer security advisories yesterday:

Google Releases Security Updates for Chrome

Google has released Chrome version 58.0.3029.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker may exploit to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases page and apply the necessary updates.

Mozilla Releases Security Updates

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 and apply the necessary updates.

Cisco Releases Security Updates

Cisco has released updates to address several high-impact vulnerabilities affecting multiple products. These and other lower-impact vulnerabilities are listed at Cisco Security Advisories and Alerts. A remote attacker could exploit one of the high-impact vulnerabilities to cause a denial-of-service condition.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

Drupal Releases Security Updates

Drupal has released an advisory to address a vulnerability in Drupal core 8.x versions prior to 8.2.8 and 8.3.1. A remote attacker could exploit this vulnerability to obtain sensitive information.

US-CERT encourages users and administrators to review Drupal’s Security Advisory and upgrade to version 8.2.8 or 8.3.1.

SOURCE: US-CERT


Fun with #HashTags! -> #BaconAQuote

We love Bacon & we love Hash Tags. So we were thrilled to see #Bacon getting all the love with . Follow along & join in the fun!
