Insights

MFA May Not Be Enough

Multifactor Authentication was initially created to add another layer of security beyond a simple username and password combination. But cybercriminals found ways to compromise it. Newer forms of MFA are phishing resistant. This Insight provides guidance on MFA, why phishing resistance is needed, and how to select a phishing-resistant type.

 

MFA must be phishing resistant


Widespread technology outage disrupts flights and banking around the world

A glitch in CrowdStrike’s update rendered Microsoft 365 unusable for many people. It affected companies in multiple countries as well as government agencies.

 

CrowdStrike glitch kills M365 for users


High-Severity Cisco Bug Grants Attackers Password Access

A newly discovered bug in Cisco SSM On-Prem and SSM Satellite systems was given the highest CVSS vulnerability rating of 10. The attack was relatively easy to carry out, making it even more serious. Exploits of this vulnerability allowed an attacker to change any password for any account.

New Cisco bug rated 10 on CVSS


20 Million Trusted Domains Vulnerable to Email Hosting Exploits

A newly discovered exploit allows attackers to spoof emails from over 20 million domains from reputable and trusted sources. 

 

New bug makes email domains vulnerable 


'BadPack' APK Files Make Android Malware Hard to Detect

A method of hiding malware in APK files, a zip file archive format used by Android, makes it very difficult to detect. The APK files also contain a file that includes instructions. This attack technique has been used to hide trojans in banking apps.

 

Android malware hard to detect


It’s Called Shadow IT For A Reason

Shadow IT has been around for decades. But the shift in technology to SaaS and AI systems, combined with the increasing ability of cyber attackers to penetrate systems, has added to the risk of Shadow IT. This Insight looks at it and suggests some possible ways forward.

 

Shadow IT = Big Risks


BlastRADIUS bug puts most networking devices at risk

The RADIUS networking protocol has been a standard since 1997. A serious vulnerability has been discovered that affects virtually every router, switch, access point, and VPN concentrator from 1997 to today. This article provides workarounds to keep you safer.

 

All networking devices at risk


New Phishing Platform Targets Microsoft 365 Accounts at Financial Firms

A new phishing attack is focusing on financial services firms in the Americas and EMEA. The specific focus is banks, private funding, and servicers of credit unions. 

The attack uses phishing emails that, among other things, lead to fake Microsoft 365 authentication pages.

 

M365 a target again


ChatGPT Mac security flaw raises red flags ahead of Apple Intelligence integration

The ChatGPT app for Macs is logging queries in plain text and not in an encrypted form. Information in this file can be seen by other apps or users on the device. This is a serious shortcoming.

 

ChatGPT and Apple flaw


Chinese Threat Group APT40 Exploits N-Day Vulns at Rapid Pace

Threat actors are discovering vulnerabilities and exploiting them as fast as they can. With no patch or workaround available, they can do extensive damage. AI is being used to speed up the attacks.

 

https://www.darkreading.com/endpoint-security/chinese-apt40-exploits-nday-vulns-rapid-pace?fbclid=IwZXh0bgNhZW0CMTAAAR3WF0QMKWAmvCV35nxOuESW20_97WvCmkfWdTj8SieomgZH436G9tIG31s_aem_-cbkQXfXVj87anuCuIzS2w


Cyber Attackers Prefer Stealth

Cyber attackers like to stay hidden in your systems until they are ready to act. Despite best efforts, breaches occur. OneBrightlyCyber alerts you 12-18 months before other vendors, giving you time to change passwords or remediate malware.

 

Knowing sooner is better


Juniper Rushes Out Emergency Patch for Critical Smart Router Flaw

Juniper has issued a patch for a newly discovered vulnerability in their Session Smart Routers and Conductors. While not yet under exploit, it is a serious vulnerability. Patch ASAP.

 

Juniper issues patch, do it now


Patch Now: Cisco Zero-Day Under Fire From Chinese APT

A newly discovered vulnerability in Cisco NX-OS Software is already being exploited. It allows attackers to change switches, give commands, and install new malware. Be sure to patch as soon as possible. 

 

Cisco vulnerability - patch now!


Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool

Another example of hiding malware in fake job postings. Download the form and get the malware, not the job. 

 

Job post sound too good? Probably a scam


Prudential Data Breach Victim Count Soars to 2.5M

Prudential initially said the breach only affected 36,000 people. Now they believe it to be 2.5 million. That is one huge rounding error!

 

Prudential ups estimate from 36k to 2.5m