Threat Advisory: Key Vulnerability Found In Cisco’s WebEx Chrome Extension

January 25, 2017
threatupdate

A critical vulnerability has recently been uncovered in the Chrome extension of Cisco WebEx, web conferencing software widely used by enterprise businesses, leaving 20 million users susceptible to attack. Windows Chrome users are in danger of getting hacked if they unknowingly visit a malicious website. The malicious websites host a file or other resource that contains the string “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html” […]

Threat Advisory: More Than 1 Million Google Accounts Breached by Gooligan

November 30, 2016
threatupdate

Check Point has recently released information on a new malware campaign named Gooligan. Gooligan has already breached the security of over one million Google accounts, and it is believed that more than 13,000 devices will be compromised daily. The Gooligan malware roots infected devices and steals authentication tokens that can be used to access data from […]

Threat Advisory: Dirty COW Linux Kernel Vulnerability

October 21, 2016
threatupdate

A 9-year-old critical vulnerability in the Linux kernel, dubbed ‘Dirty COW’ (CVE-2016-5195), has recently surfaced and is being actively exploited. The vulnerability, named for the copy-on-write (COW) mechanism in the Linux kernel, could allow a malicious actor to tamper with read-only, root-owned executable files. In other words, exploitation of this vulnerability may allow an attacker […]

Threat Update: US-CERT Confirms Heightened DDoS Threat Posed by Mirai and Other Botnets

October 17, 2016
threatupdate

Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with […]

Threat Update: WPAD Name Collision Vulnerability

May 24, 2016
threatupdate

Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the New generic Top Level Domain (gTLD) program’s incorporation of previously undelegated gTLDs for public registration, leaked WPAD queries could result in domain name […]

Threat Update: SAP Business Applications

May 11, 2016
threatupdate

It has been reported that over 35 organizations worldwide running outdated or misconfigured software are affected by an SAP vulnerability. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP business applications. The observed indicators relate to the abuse of the Invoker Servlet, a built-in functionality in SAP NetWeaver Application Server Java systems […]

Ransomware and Recent Variants

April 7, 2016
ransomware blog

The United States Department of Homeland Security (DHS), in collaboration with the Canadian Cyber Incident Response Centre (CCIRC), released the following alert to provide further information on ransomware, including its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate it. Herjavec Group is circulating the advisory below as this information warrants attention […]

Threat Advisory: Tracking the Badlock Vulnerability

March 28, 2016
threatupdate

There have been a number of posts and news releases relating to the Badlock vulnerability, for which patches are expected to be available April 12. The “marketing efforts” and media attention surrounding the vulnerability have received backlash given that no solutions are readily available. The Badlock vulnerability is expected to impact Windows networking services which will […]

Threat Advisory: Symantec Releases Security Update

March 17, 2016
threatupdate

Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the Security Advisory from Symantec and apply the necessary update. Herjavec Group circulates US-CERT advisories as this notification warrants attention and […]

Threat Update: VMware Releases Security Updates

threatupdate

VMware has released security updates to address vulnerabilities in VMware vRealize Automation and vRealize Business Advanced and Enterprise. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the VMware Security Advisory VMSA-2016-0003 and apply the necessary updates. Herjavec Group circulates US-CERT advisories as this notification warrants […]
