Categories
alerts

How MikroTik Routers Became a Cybercriminal Target

The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said.

CISA Releases Guidance on Protecting Organization-Run Social Media Accounts

Original release date: December 9, 2021

CISA has released Capability Enhancement Guide (CEG): Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spread false or sensitive information to a wide audience. The measures described in the CEG aim to reduce the risk of unauthorized access on platforms such as Twitter, Facebook, and Instagram. 

CISA encourages social media account administrators to implement the protection measures described in CEG: Social Media Account Protection:

  • Establish and maintain a social media policy
  • Implement credential management
  • Enforce multi-factor authentication (MFA)
  • Manage account privacy settings
  • Use trusted devices
  • Vet third-party vendors
  • Maintain situational awareness of cybersecurity threats
  • Establish an incident response plan

Note: although CISA created the CEG primarily for federal agencies, the guidance is applicable to all organizations.

This product is provided subject to this Notification and this Privacy & Use policy.

Not with a Bang but a Whisper: The Shift to Stealthy C2

DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike’s arsenal.

Moobot Botnet Chews Up Hikvision Surveillance Systems

Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned.

SonicWall Releases Security Advisory for SMA 100 Series Appliances

Original release date: December 8, 2021

SonicWall has released a security advisory to address vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 series appliances. A remote attacker could exploit these vulnerabilities to take control of an affected system. SMA 100 series appliances provide an organization’s employees with remote access to internal resources. Note: although there are currently no reports of these vulnerabilities being exploited in the wild, in July 2021, CISA warned of threat actors actively targeting a known, previously patched, vulnerability in SonicWall SMA 100 series appliances.

CISA encourages users and administrators to review the SonicWall security advisory and apply the necessary firmware updates as soon as possible.

Critical SonicWall VPN Bugs Allow Complete Appliance Takeover

Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances.

AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in a library created by network virtualization firm Eltima, that leave about a dozen cloud services used by millions of users worldwide open to privilege-escalation attacks. That includes Amazon WorkSpaces, Accops and NoMachine, among others: all apps that enable remote desktop access by using the Eltima software […]

Windows 10 Drive-By RCE Triggered by Default URI Handler

There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed.

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Original release date: December 6, 2021

Zoho has released a security advisory to address an authentication bypass vulnerability in ManageEngine Desktop Central and Desktop Central MSP. An attacker could exploit this vulnerability to take control of an affected system. According to Zoho, this vulnerability is being actively exploited in the wild.

CISA encourages users and administrators to review the Zoho Vulnerability Notification and the Zoho ManageEngine Desktop Central and ManageEngine Desktop Central MSP security advisories and apply the recommended mitigations immediately.

Cuba Ransomware Gang Hauls in $44M in Payouts

The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned.

For Emergency Cyber Security Incident Response please email RedTeam@DefendEdge.com