dcsimg

Pulse VPN patched their vulnerability, but businesses are trailing behind

In April 2019, Pulse Secure published an advisory about a vulnerability in their software. In August, cybercriminals were massively scanning for systems that were running a vulnerable version. Now it’s October, and still many organizations have not applied the patches that are available for this vulnerability. This is a trend we’ve seen repeated with dozens of other publicly-known … [Read more...]

4 Lessons to be learned from the DOE’s DDoS attack

Analysts, researchers, industry professionals, and pundits alike have all posited the dangers of the next-generation “smart grid,” particularly when it comes to cybersecurity. They warn that without the right measures in place, unscrupulous parties could essentially wreak havoc on the bulk of society by causing severe outages or worse. It is a real possibility, but up until now, it’s been … [Read more...]

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A variant of a remote code execution vulnerability with Internet Explorer’s scripting engine known as CVE-2018-8373 patched last August has been found in the wild. Looking at the IOCs posted by our colleagues at TrendMicro, we recognized the infrastructure serving this exploit. The same static domain has been active since at least early July, and is being redirected to from an adult website … [Read more...]

August 2018 – Microsoft Patch Tuesday

Here we go again. It’s August 14, and after last month’s buggy patches – with numerous known issues, particularly regarding .NET, Windows 7 and 8.1 – it’s not surprising that many IT pros are feeling at least a little wary but what might be in store this time. There were enough problems that Woody Leonhard […] … [Read more...]