Palo Alto Networks Publishes 2 New and 1 Updated Security Advisory Addressing 3 Security Issues

August 31, 2017
HTTPS interception

New Security Advisories

PAN-SA-2017-0023 – Cross-Site Scripting in PAN-OS

A vulnerability exists in PAN-OS’s GlobalProtect external interface that could allow for a cross-site scripting (XSS) attack. PAN-OS does not properly validate specific request parameters.

* Medium Severity
* Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3
* CVE-2017-12416

PAN-SA-2017-0024 – XML External […]

Beware of Hurricane Harvey Phishing Scams

August 29, 2017

Herjavec Group advises caution with any emails whose subject lines, hyperlinks or attachments relate to Hurricane Harvey relief efforts. Cybercriminal activity tends to increase significantly following a natural disaster of this magnitude. For example, fraudulent emails that mimic reputable charitable organizations requesting donations often contain malicious links or attachments that direct users to […]

Threat Advisory: “Petya” Ransomware Update

June 27, 2017

Multiple sources have reported the spread of the “Petya” ransomware in countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users’ access to the infected machine until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not […]

WannaCry Fact Sheet

May 18, 2017

Herjavec Group published its first threat advisory on the WannaCry attack on Friday, May 12th. In response to WannaCry, Herjavec Group’s Security Operations Centers immediately heightened awareness internally for IOCs and MD5 hashes that were attributed to the execution and symptoms of the attack. Over the 48 hours that followed, HG security engineers developed and […]

Threat Update: Microsoft Releases Critical Security Update

May 9, 2017

Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Advisory 4022344 for details and apply the necessary update. To view the original US-CERT advisory, please click […]

Threat Update: Intel Firmware Vulnerability (Updated)

May 8, 2017

Intel has released recommendations to address a recent vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of […]

Threat Update: Intel Firmware Vulnerability

May 2, 2017

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an […]

Threat Update: Microsoft Releases April 2017 Security Updates

April 12, 2017

Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread malicious code. Herjavec Group aligns with US-CERT’s recommendation for users and administrators […]

Threat Update: HTTPS Interception Weakens TLS Security

March 16, 2017

Many organizations use HTTPS interception products for several purposes, including detecting malware that uses HTTPS connections to malicious servers. A recent report, The Security Impact of HTTPS Interception, highlighted several security concerns with HTTPS inspection products, including: Many HTTPS inspection products do not properly verify the certificate chain of the server before re-encrypting and forwarding […]

Threat Advisory: Key Vulnerability Found In Cisco’s WebEx Chrome Extension

January 25, 2017

A critical vulnerability has recently been uncovered in the Chrome extension of Cisco WebEx, web conferencing software widely used by enterprise businesses, leaving 20 million users susceptible to attack. Windows Chrome users are in danger of getting hacked if they unknowingly visit a malicious website. The malicious websites host a file or other resource that contains the string “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html” […]
