Accountability, Security Defenses and System Administration

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

FEBRUARY 26, 2024

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Read our guide on privilege escalation attacks next to learn about the detection and prevention strategies for your privileged accounts and data.

Risk

Risk Authentication System Administration Ransomware

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

JULY 13, 2023

.” The security researchers tested WormGPT to see how it would perform in BEC attacks. In one experiment, they asked WormGPT “to generate an email intended to pressure an unsuspecting account manager into paying a fraudulent invoice.” ” “The results were unsettling,” Kelley wrote.

Cybercrime

Cybercrime Phishing Marketing System Administration

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

eSecurity Planet

JULY 15, 2024

Threat actors exploited a weakness in Veeam’s software to create unauthorized accounts such as “VeeamBkp,” allowing for network reconnaissance and data exfiltration. The fix: Veeam addressed CVE-2023-27532 through their upgrades that prevent xp_cmdshell misuse and unauthorized account creation.

Authentication

Authentication Backups Software Risk

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. An attacker creates a new admin user and logs into an OpenFire account. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. An attacker creates a new admin user and logs into an OpenFire account. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

More ‘actionable’ intel needed from HHS to support health IT security

SC Magazine

JUNE 29, 2021

But the Government Accountability Office found areas where HHS could better coordinate its efforts to support department information sharing and overall health IT security. The Department of Health and Human Services has made progress in threat sharing efforts to support cybersecurity within its partnerships and the health care sector.

Healthcare

Healthcare Cybersecurity CISO Cyber threats

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

eSecurity Planet

AUGUST 4, 2023

Cloud Security Posture Management services (CSPM) began to appear in 2014 to manage cloud service configurations as cloud service providers like AWS, Microsoft Azure, and Google Cloud grew more prevalent. To set up and administer access controls using CIEM systems, administrators and security teams may need specialized training.

Architecture

Architecture Risk Data breaches Threat Detection

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

This vulnerability, which affected servers with and without the English (United States) language pack, impeded the successful installation of crucial security patches. This affected system administrators worldwide. However, for exploitation to occur, users must interact with it.

Backups

Backups Authentication DDOS Engineering

How to Perform a Vulnerability Scan in 10 Steps

eSecurity Planet

JULY 20, 2023

Vulnerability scans play a vital role in identifying weaknesses within systems and networks, reducing risks, and bolstering an organization’s security defenses. Develop and implement suitable remediation procedures in collaboration with key stakeholders such as system administrators, network engineers, and security teams.

Authentication

Authentication Penetration Testing Risk Software

How to Get Started in Cybersecurity: Steps, Skills & Resources

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. Sysadmin roles can involve: Setting up networks and IT systems: These leaders manage setup processes for hardware, software, network connections, and user permissions.

Cybersecurity

Cybersecurity System Administration Engineering Firewall

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

W3LL Phishing Tool Steals Thousands of Microsoft 365 Accounts Type of attack: W3LL, a threat actor, created a phishing kit that can defeat multi-factor authentication (MFA) , which allowed it to infiltrate over 8,000 corporate Microsoft 365 accounts. Also see the Google support page Check & update your Android version.

VPN

VPN Authentication Firmware Phishing

Cyber Security Informer

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

Trending Sources

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

More ‘actionable’ intel needed from HHS to support health IT security

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

How to Perform a Vulnerability Scan in 10 Steps

How to Get Started in Cybersecurity: Steps, Skills & Resources

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

Stay Connected