

19 articles in this category

  1. 💫 Jimi Wikman ·
    IT management software vendor Kaseya, whose VSA software platform is used by other tech companies to monitor and manage customers’ IT networks, has been the victim of an audacious cyberattack. On July 2, the business issued a security advisory urging its customers to immediately shut down versions of VSA running on their own servers. It also suspended its own cloud-based VSA service. Kaseya VSA is a remote management platform for MSPs that provides solutions such as automated patch managemen
  2. °Kryptera.se ·
    If you have the "Print Spooler" service enabled (which is the default), it means that anyone with access can execute code as SYSTEM against the Windows domain controller. At present, there is no patch from Microsoft. So take a break from your vacation and turn off the service immediately. More information from Microsoft: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675
  3. °Kryptera.se ·
    A new security flaw has been identified in the sudo software. Sudo, which is installed by default in many operating systems, is by default setuid root. This means that any shortcomings can lead to local users being able to obtain root permissions. Over the years, sudo has also become larger and more features have been added. This has, among other things, led to OpenBSD now having an option called doas. Yesterday, the American security company Qualys reported that they had identified a vulnerability i
  4. 💫 Jimi Wikman ·
    A new report from the security company RiskIQ informs of a new phishing kit that uses JavaScript to manipulate the DOM, which allows the script to dynamically alter the visible content and HTML form data within a page without user interaction. This phishing kit, called LogoKit, has seen a significant upswing in usage over the last month. Phishing has been on the rise lately, following the increased usage of data communication in the wake of COVID-19. This new phishing kit seems to have at
  5. °Kryptera.se ·
    Yesterday I received an email that the American company Ubiquiti has been hacked. Ubiquiti is, among other things, one of the world's largest manufacturers of base devices for WiFi communication. The email contains relatively little information because the company states that they do not know the extent yet. Although it has been a long time since I myself used Ubiquiti's cloud service, I assume that it is entirely possible to gain access to the local network via Ubiquiti's central service, hence this is ex
  6. 💫 Jimi Wikman ·
    Sweden is setting up a national security center. On December 10th the government decided to commission Försvarets radioanstalt, Försvarsmakten, Myndigheten för samhällsskydd och beredskap and Säkerhetspolisen to establish a national cyber security center. The purpose is to strengthen Sweden's overall ability to prevent, detect and manage cyber threats. The government writes that the cyber threats against Sweden and Swedish interests are extensive. With technology development
  7. 💫 Jimi Wikman ·
    Last week IBM announced that the company would be moving some of its lower-margin lines of business into a new company and that IBM itself would focus on higher-margin cloud services. This comes after a long effort by IBM to diversify away from its legacy businesses. IBM will list its IT infrastructure services unit, which provides technical support for 4,600 clients in 115 countries, as a separate company with a new name by the end of 2021. The new company will have 90,000 employees and its
  8. 💫 Jimi Wikman ·
    Multiple vulnerabilities have been reported in SAP products where things like cross-site scripting (XSS) and server-side request forgery open up access points through which a hacker can compromise the systems and their data. These vulnerabilities have been patched in SAP Security Patch Day – July 2020 and it is strongly advised to make that update as soon as possible. SYSTEMS AFFECTED: Multiple Vulnerabilities in SAP NetWeaver AS JAVA (LM Configuration Wizard) (CVE-2020-6286).
  9. 💫 Jimi Wikman ·
    A critical bug in the popular WordPress plugin wpDiscuz allows users to upload and execute code remotely. This is because of a bug in the file mime type detection that allowed any file type to be uploaded. This opens up the server to remote code execution (RCE) that could result in the entire server being compromised. The vulnerability was reported to wpDiscuz's developers by Wordfence's Threat Intelligence team on June 19 and was fully patched with the release of version 7.0.5 on July 23.
  10. 💫 Jimi Wikman ·
    According to Henry Huang, a Taiwanese security researcher, there are still hundreds of thousands of QNAP NAS systems that have yet to be patched for no fewer than three bugs. This allows an attacker to exploit the three bugs to take full control over QNAP devices. These bugs were found last year and Henry Huang reported them to QNAP last June. QNAP issued a patch in November last year to fix these bugs and still, 6 months later, there are hundreds of thousands of unpatched units online. These bu
  11. 💫 Jimi Wikman ·
    In the wake of Covid-19 and the increased need for communication for people working from home, it comes as no surprise that Microsoft Teams is targeted by malicious people. This week we see both CISA and Abnormal Security reporting on targeted phishing campaigns that have affected more than 50.000 users so far. With so many starting to work from home due to the Covid-19 situation, invites to different Microsoft Teams are very common. This is something that malicious people have started to ta
  12. 💫 Jimi Wikman ·
    GitHub is an amazing service, but up until now you had to pay a fee to have private repositories. That has now changed and GitHub just announced that it is making private repositories with unlimited collaborators available to all GitHub accounts. All of the core GitHub features are now free for everyone. Not only is GitHub providing private repositories with unlimited collaborators at no cost, it is also lowering the cost of its pro plans by more than half. It has never been a better time to ge
  13. 💫 Jimi Wikman ·
    Last year the team behind Chromium announced that the transport protocols TLS 1.0 and 1.1 would no longer be supported in a future update. Since January this year, unsecured sites have seen warnings, and now in March all sites secured using the 1.0 and 1.1 versions of TLS will see a full page interstitial warning. The fact that TLS (Transport Layer Security) 1.0 and 1.1 are insecure has been known for a while and it makes sense to remove support for them. Despite that TLS 1.2 was rele