Detecting SambaCry CVE-2017-7494

By Mehul Revankar We've seen several critical vulnerabilities lately. First there was WannaCry, and then WannaCry 2.0 (EternalRocks), and now do we have WannaCry 3.0? Well, not really. But a new seven-year-old remote code execution vulnerability (CVE-2017-7494) that is affecting Samba versions 3.5.0 and higher is making news this week. The vulnerability is billed as the WannaCry equivalent for … [Read more...]

RoughTed: The anti ad-blocker malvertiser

By Jérôme Segura RoughTed is a large malvertising operation that peaked in March 2017 but has been going on for at least well over a year. It is unique for its considerable scope ranging from scams to exploit kits, targeting a wide array of users via their operating system, browser, and geolocation to deliver the appropriate payload. We estimate that the traffic via RoughTed related domains … [Read more...]

EU GDPR Final Countdown: How to Prepare Your Security Program

By Cayla Baker Gavin Millard explains the important steps CISOs need to focus on as they prepare their security programs for the EU GDPR. https://www.infosecurity-magazine.com/blogs/gdpr-final-countdown-prepare/ Source:: Tenable News … [Read more...]

NIST SP 800-171: The Compliance Window is Closing Fast

By Chris Jensen Does your company do business with the Department of Defense? Do you want that business to continue after 2017? If you answered yes to both of these questions, you need to know about Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 and its potential impact on your business. As of December 2015, DFARS 225.204-7012 requires contractors to implement NIST … [Read more...]

Online Demo and Webinars for Parallels Mac Management for Microsoft SCCM

By Beatrice Vogel Reserve your seat today for a Parallels Mac Management for Microsoft SCCM demo or 1 hour deep dive held by our Sales Engineer Danny Knox. In a demo, we will give you an encompassing overview about all essential details in 30 minutes and will answer all your questions. In a deep dive session, we will show you [...] The post Online Demo and Webinars for Parallels Mac Management … [Read more...]

5 Unsettling cyberthreats

By William Tsing Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who's trying it. But what about the outliers? What about threats that impact you, but you can't remediate, or establish a policy to cover? Here are 5 cyberthreats that if you're not frightened by, you should be. VNC roulette. … [Read more...]

Update to Parallels Toolbox for Mac just released!

By Kurt Schmucker We have just released an update to Parallels® Toolbox for Mac®, with four additional tools and several new features requested by users. New Tools The four new tools are shown in Figure 1. They are: Download Audio – Similar to the Download Video tool but targeted toward downloading audio from the Internet, including multiple track [...] The post Update to Parallels Toolbox for … [Read more...]

Pt 2: Hackers now have your password

By RJ Gazarek So let's pick up where we left off. Explaining to the world that the reason your account was hacked was probably NOT due to some sophisticated state actor from China or Russia. So to recap, the top 3 reasons you were most likely hacked were: You had a different account that was already compromised You downloaded a malicious program on your computer without knowing it You … [Read more...]

WannaCry 2.0: Detect and Patch EternalRocks Vulnerabilities Now

By Mehul Revankar A new network worm dubbed EternalRocks is making the news this week as the successor to the WannaCry ransomware. EternalRocks leverages some of the same vulnerabilities and exploit tools as WannaCry but is potentially more dangerous because it exploits seven NSA tools that were released as part of the ShadowBrokers dump for infection instead of two used by WannaCry. So … [Read more...]

Thycotic Introduces Privilege Ready Program to Further Protect Against Cyberattacks

By Jordan True WASHINGTON, May 23, 2017 /PRNewswire/ — Thycotic, a provider of privileged account management (PAM) solutions for more than 7,500 organizations worldwide, today announced its Privileged Ready Program. This program highlights the breadth of Thycotic's integration capabilities with a number of leading security vendors around the world. “Our customers need the ability to manage all … [Read more...]