Threat actors have developed a new approach to malware that exploits legitimate drivers, making the malware more difficult to defend against. To date over 1000 drivers have been impacted: BlackByte ransomware abuses legit driver to disable security products (bleepingcomputer.com). What makes this “Bring Your Own Vulnerable Driver” (BYOVD) method …
CISA issues security advisories across a range of popular products
It has been a busy couple of days at the US Cybersecurity and Infrastructure Security Agency as they issue a range of security advisories: Drupal Releases Security Update | CISA; Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server | CISA; Cisco Releases Security Updates for Multiple Products | …
CISA adds three vulnerabilities to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency has added three known exploits to its Known Exploited Vulnerabilities Catalog – this list should be seen as a “Must Patch Now” list. Two of the exploits are for Microsoft Exchange and are being actively exploited: CISA Adds Three Known Exploited Vulnerabilities to Catalog …
Chaos
Black Lotus Labs has discovered a new strain of malware, which they are calling Chaos. The name is very telling – the malware is infecting a wide range of devices and servers: Linux, Windows, small office routers, etc. One of the servers infected was hosting an instance of GitHub, bringing …
Sophos firewall hole fixed
If you are depending on a Sophos firewall then check and see that it is fully updated and patched: Sophos fixes critical code injection bug under exploit • The Register. You of course have your Cyber Security “What is normal” document to hand, to check if this issue impacts your …