Vulnerable Citrix Servers Targeted by Ransomware Gangs
Jan27

Vulnerable Citrix Servers Targeted by Ransomware Gangs

Multiple threat actors are conducting attacks on Citrix servers that have not had the patch applied to correct the CVE-2019-19781 vulnerability. The flaw affects the Citrix Application Delivery Controller (ADC), Citrix Gateway, and two old versions of Citrix SD-WAN WANOP appliances and was announced on December 17, 2019. Exploits for the vulnerability first started to be published on January 11, 2020. A permanent fix was issued to...

Read More
Urgent Patching Required for Windows Server Flaws Now PoC Exploits Published
Jan27

Urgent Patching Required for Windows Server Flaws Now PoC Exploits Published

On January 2020 Patch Tuesday (01.14.2020) Microsoft released patches to address two vulnerabilities in Remote Desktop Gateway (RD Gateway) that affected Windows Server 2012, 2016, and 2019. The vulnerabilities have been collectively named BlueGate. Exploitation of the vulnerabilities could lead to remote code execution. Microsoft recommended prompt patching to correct the flaws and now the urgency has increased as several...

Read More
55% of Organizations Were Successfully Phished in 2019
Jan27

55% of Organizations Were Successfully Phished in 2019

Phishing is the most common method of attacking organizations and it continues to cause problems for IT departments and considerable losses for organizations. A new report from Proofpoint has revealed the extent of phishing and how often the attacks succeed. The data for the report came from a survey of more than 3,500 working adults and 600 cybersecurity professionals in Australia, France, Germany, Japan, Spain, the United States,...

Read More
CISA Warns of Increase in Emotet Malware Activity
Jan24

CISA Warns of Increase in Emotet Malware Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over an increase in Emotet malware activity. The Emotet botnet sprung back to life on January 13, 2020 with largescale spamming campaigns detected spreading the Emotet Trojan. The Emotet Trojan is a modular malware that serves as a banking Trojan, information stealer, and malware downloader. The Trojan can move...

Read More
Cisco Patches Critical Vulnerability in Cisco Firepower Management Center
Jan24

Cisco Patches Critical Vulnerability in Cisco Firepower Management Center

Cisco has issued hotfix patches for a critical vulnerability in its network security tool, Cisco Firepower Management Center (FMC). The flaw, tracked as CVE-2019-16028, is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external server. The flaw could be exploited by a remote attacker to bypass authentication and execute arbitrary actions on a vulnerable device with...

Read More