Windows 7 – CISA highlights EOL warning for January 14 2020

https://www.us-cert.gov/ncas/alerts/aa19-290a

QUOTE: Systems running Windows 7 and Windows Server 2008 R2 will continue to work at their current capacity even after support ends on January 14, 2020. However, using unsupported software may increase the likelihood of malware and other security threats. Mission and business functions supported by systems running Windows 7 and Windows Server 2008 R2 could experience negative consequences resulting from unpatched vulnerabilities and software bugs. These negative consequences could include the loss of confidentiality, integrity, and availability of data, system resources, and business assets.

Mitigations

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and organizations to:

  • Upgrade to a newer operating system.
  • Identify affected devices to determine breadth of the problem and assess risk of not upgrading.
  • Establish and execute a plan to systematically migrate to currently supported operating systems or employ a cloud-based service.
  • Contact the operating system vendor to explore opportunities for fee-for-service maintenance, if unable to upgrade.

Microsoft Security Updates – OCTOBER 2019

Below are key resources documenting this month's Microsoft Patch Tuesday release:

https://isc.sans.edu/forums/diary/Microsoft+October+2019+Patch+Tuesday/25396/

https://blog.talosintelligence.com/2019/10/microsoft-patch-tuesday-oct-2019.html

https://www.thezdi.com/blog/2019/10/8/the-october-security-update-review

https://patchtuesdaydashboard.com/

https://portal.msrc.microsoft.com/en-us/security-guidance/summary

QUOTE from TALOS: Microsoft disclosed nine critical vulnerabilities this month, eight of which we will highlight below.

CVE-2019-1333 is a client-side remote execution vulnerability in Remote Desktop Services (RDP) that occurs when a user visits a malicious server.

CVE-2019-1238 and CVE-2019-1239 are remote code execution vulnerabilities that exist in the way VBScript handles objects in memory. An attacker could exploit these vulnerabilities by tricking a user into visiting a specially crafted, malicious website through Internet Explorer.

CVE-2019-1307, CVE-2019-1308, CVE-2019-1335 and CVE-2019-1366 are all memory corruption vulnerabilities in the Chakra Scripting Engine inside of the Microsoft Edge web browser.

CVE-2019-1372 is an elevation of privilege vulnerability on Azure Stack when the Azure App Service fails to properly check the length of a buffer prior to copying memory to it.

There is also CVE-2019-1060, a remote code execution vulnerability in Microsoft XML Core Services.

CISA security warning – VPN exploits October 2019

It is important to keep devices fully patched and on the latest AV protection levels.

https://www.us-cert.gov/ncas/current-activity/2019/10/04/vulnerabilities-exploited-multiple-vpn-applications

(CISA) encourages administrators to review the NCSC Alert for more information and to review the following security advisories and apply the necessary updates:

Microsoft Security – CVE-2019-1367 Scripting Corruption — October 2019 OOB release

Improved protection for a new serious vulnerability was released on an out-of-band (OOB) basis:

https://www.us-cert.gov/ncas/current-activity/2019/10/03/microsoft-re-releases-security-updates

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

Microsoft has re-released security updates to address a vulnerability in Microsoft software. Updates are now available automatically via Windows Update or Windows Server Update Services. Please review Microsoft Security Advisory for CVE-2019-1367 and apply the necessary updates.

Ransomware – special IC3 Alert October 2019

The IC3 division of the FBI has issued this special emergency alert:

https://www.us-cert.gov/ncas/current-activity/2019/10/04/ic3-issues-alert-ransomware

https://www.ic3.gov/media/2019/191002.aspx

The Internet Crime Complaint Center (IC3) has released an alert on ransomware threats to U.S. businesses and organizations. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Cyber criminals often infect organizations with ransomware through email phishing campaigns or exploiting vulnerabilities in software or Remote Desktop Protocol (RDP).

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IC3 Alert and CISA’s resource page on ransomware for more information on protecting against and responding to ransomware.

Romance Scams – Best practices to avoid danger October 2019

The FBI notes that “romance scams” are one of the top five fraud dangers online. Several recent documentaries, noted below, show how Facebook and other social network scams work:

https://heimdalsecurity.com/blog/top-online-scams/#romancescams

To avoid becoming a victim of these Internet scams, you need to learn how to better protect yourself. Knowing that hundreds of women and men from all over the globe are victims of these online scams, we recommend using these security tips for defensive online dating, including warning signs that could help you avoid becoming an easy target.

I would also recommend reading these real stories and learning from them, so you don’t fall for these online scams:

FBI – National Cybersecurity Awareness Month – October 2019

The FBI has created an excellent National Cybersecurity Awareness Month security awareness page:

https://www.fbi.gov/news/stories/national-cybersecurity-awareness-month-100119

THEME = Own IT. Secure IT. Protect IT.

Cyber Safety Tips: All computer users should keep systems and software up to date and use a good anti-virus program. These programs are not foolproof, however, and computer users themselves often help cybercriminals get through these safeguards. To avoid inadvertently downloading malicious code that can harm your network or giving a criminal money or valuable information, the FBI recommends these tips:

  • Examine the email address and URLs in all correspondence. Scammers often mimic a legitimate site or email address by using a slight variation in spelling.
  • If an unsolicited text message or email asks you to update, check, or verify your account information, do not follow the link provided in the message itself or call the phone numbers provided in the message. Go to the company’s website to log into your account or call the phone number listed on the official website to see if something does in fact need your attention.
  • Do not open any attachments unless you are expecting the file, document, or invoice and have verified the sender’s email address.
  • Carefully scrutinize all electronic requests for a payment or transfer of funds.
  • Be extra suspicious of any message that urges immediate action.
  • Confirm requests for wire transfers or payment in person or over the phone as part of a two-factor authentication process. Do not verify these requests using the phone number listed in the request for payment.

Microsoft Surface – October 2019 product announcements

Ransomware – Lost Files attack uses re-packaged former email attack

The SANS ISC shares an interesting and in-depth analysis of how a “Lost Files” ransomware attack used the same fake email message that a former virus was packaged in years ago.

https://isc.sans.edu/forums/diary/LostFiles+Ransomware/25382/

Malware developers don’t reinvent the wheel and re-use code published here and there. I spotted a ransomware which looked like a former Microsoft based email attack. Once processed, files are renamed with the extension ‘.Lost_Files_Encrypt’. Apparently, the ransomware started to scan for SMB services (TCP/445) on random IP addresses after the initial infection. Probably trying to infect hosts vulnerable to EternalBlue.

OCTOBER 2019 – National Cybersecurity Awareness Month

Every October is “National Cybersecurity Awareness Month”; key links are below:

https://www.us-cert.gov/ncas/current-activity/2019/09/30/prepare-national-cybersecurity-awareness-month

https://staysafeonline.org/

This year’s theme, “Own IT. Secure IT. Protect IT.,” focuses on promoting personal accountability and positive behavior when it comes to cybersecurity. CISA encourages organizations to see the NCSAM 2019 webpage and the NCSAM 2019 Toolkit for ways to participate in and promote NCSAM.

 

 

