WannaCry Fact Sheet

May 18, 2017

Herjavec Group published its first threat advisory on the WannaCry attack on Friday, May 12th. In response to WannaCry, Herjavec Group’s Security Operations Centers immediately heightened awareness internally for IOCs and MD5 hashes attributed to the execution and symptoms of the attack. Over the 48 hours that followed, HG security engineers developed and […]


Threat Update: Microsoft Releases Critical Security Update

May 9, 2017

Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Advisory 4022344 for details and apply the necessary update. To view the original US-CERT advisory, please click […]


Threat Update: Intel Firmware Vulnerability (Updated)

May 8, 2017

Intel has released recommendations to address a recent vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of […]


Threat Update: Intel Firmware Vulnerability

May 2, 2017

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an […]


Threat Update: Microsoft Releases April 2017 Security Updates

April 12, 2017

Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread malicious code. Herjavec Group aligns with US-CERT’s recommendation for users and administrators […]


Threat Update: HTTPS Interception Weakens TLS Security

March 16, 2017
HTTPS interception

Many organizations use HTTPS interception products for several purposes, including detecting malware that uses HTTPS connections to malicious servers. A recent report, The Security Impact of HTTPS Interception, highlighted several security concerns with HTTPS inspection products, including: Many HTTPS inspection products do not properly verify the certificate chain of the server before re-encrypting and forwarding […]


Threat Advisory: Key Vulnerability Found In Cisco’s WebEx Chrome Extension

January 25, 2017

A critical vulnerability has recently been uncovered in the Chrome extension of Cisco WebEx, a web conferencing software widely used by enterprise businesses, leaving 20 million users susceptible to attack. Windows Chrome users are in danger of getting hacked if unknowingly visiting a malicious website. The malicious websites host a file or other resource that contains the string “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html” […]


Threat Advisory: More Than 1 Million Google Accounts Breached by Gooligan

November 30, 2016

Check Point has recently released information on a new malware campaign named Gooligan. Gooligan has already breached the security of over one million Google accounts, and it is believed that more than 13,000 devices will be compromised daily. The Gooligan malware roots infected devices and steals authentication tokens that can be used to access data from […]


Threat Advisory: Dirty COW Linux Kernel Vulnerability

October 21, 2016

A 9-year-old critical vulnerability in the Linux kernel, dubbed ‘Dirty COW’ (CVE-2016-5195), has recently surfaced and is being actively exploited. The vulnerability, named for the copy-on-write (COW) mechanism in the Linux kernel, could allow a malicious actor to tamper with read-only, root-owned executable files. In other words, exploitation of this vulnerability may allow an attacker […]


Threat Update: US-CERT Confirms Heightened DDoS Threat Posed by Mirai and Other Botnets

October 17, 2016

Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with […]
