Computer Safety & News

CISA Director Chris Krebs recently shared overview of  #PROTECT2020 designed to prevent interference & to create trustworthiness during the 2020 election season https://www.cisa.gov/protect2020 https://www.cisa.gov/publication/protect2020-strategic-plan #PROTECT2020 is a national call to action initiated by CISA, the lead federal agency responsible for national election security, to enhance the integrity and resilience of the Nation’s election infrastructure, and […]

CISA issued a special bulletin related to Zebrocy which can be used to steal information & user security credentials https://us-cert.cisa.gov/ncas/current-activity/2020/10/29/cisa-and-cnmf-identify-new-malware-variant-zebrocy https://us-cert.gov/ncas/analysis-reports/ar20-303b CISA has identified a malware variant—referred to as Zebrocy—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal.   CISA encourages […]

A major new Remote Access Trojan (RAT) malware attack was highlighted yesterday by CISA & FBI https://us-cert.cisa.gov/ncas/current-activity/2020/10/29/cisa-fbi-and-cnmf-identify-new-malware-variant-comrat https://us-cert.cisa.gov/ncas/analysis-reports/ar20-303a The FBI & CISA have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and […]

A very serious & “easy to exploit” attack is circulating as SANS ISC shares below … DBAs & ADMINs should quickly apply patches — esp. if they are using HONEYPOTs to trap potentially malicious network traffic. PATCH NOW: CVE-2020-14882 Weblogic Actively Exploited Against Honeypots https://isc.sans.edu/forums/diary/PATCH+NOW+CVE202014882+Weblogic+Actively+Exploited+Against+Honeypots/26734/ ORACLE WebLogic exploit – At this point, we are seeing […]

Hospitals & other medical facilities should carefully safeguard from an escalation in recent attacks … Careful monitoring, backups, updated defenses, and user security awareness are all needed during peak times of activity. https://us-cert.cisa.gov/ncas/current-activity/2020/10/28/ransomware-activity-targeting-healthcare-and-public-health-sector CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that details both the threat and practices that […]

https://www.pcmag.com/news/first-look-unboxing-the-xbox-series-x https://www.pcmag.com/news/microsoft-confirms-xbox-series-x-runs-all-xbox-games-except-kinect-titles It’s new console season, and that means it’s unboxing season. It’s the Xbox Series X’s turn.  We’ll have more coverage of Microsoft’s newest game console (and its little sibling, the Xbox Series S) soon, but for now here’s a look at the physical Xbox before its Nov. 12release date. This system is meant […]

Microsoft has just previewed their 1st beta version of EDGE browser for Linux O/S https://redmondmag.com/articles/2020/10/22/edge-browser-preview-for-linux.aspx https://blogs.windows.com/msedgedev/2020/10/20/microsoft-edge-dev-linux/ Microsoft this week announced the availability of the Microsoft Edge browser for Linux systems, which is currently available as a preview for participants in the Microsoft Edge Insider Program.  Microsoft had promised to deliver Edge for Linux during its September Ignite event. With […]

Microsoft has released a security update to address vulnerabilities in Edge (Chromium-based). An attacker could exploit some of these vulnerabilities to take control of an affected system.  While must users will “auto-update” transparently ADMINS with blocking controls in place may wish to review the latest entry for Microsoft Security Advisory ADV200002 apply the necessary update. https://us-cert.cisa.gov/ncas/current-activity/2020/10/26/microsoft-releases-security-update-edge […]

CISA & FBI have released election interference warnings for Russia & Iran in the following 2 special bulletins https://us-cert.cisa.gov/ncas/current-activity/2020/10/22/cisa-and-fbi-release-joint-advisories-regarding-russian-and CISA and the FBI have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. Both joint cybersecurity advisories contain information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue. These […]

Cisco is a key vendor for corporate entities & several products are patched in the OCT 2020 security updates https://tools.cisco.com/security/center/publicationListing.x https://us-cert.cisa.gov/ncas/current-activity/2020/10/22/cisco-releases-security-updates-multiple-products Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review […]