Threat Advisory

Herjavec Group’s Threat Summary Analysis – Q2 2019

Herjavec Group’s Threat Management Team leverages this Quarterly Threat Summary to provide an overview of the most common threats and vulnerabilities seen in customer environments in recent months. While Phishing, Ransomware, Crypto-Jacking and IoT Vulnerabilities were prominent in 2018 and the early months of 2019, we have seen a recent uptick in Business Email Compromises, Credential Stuffing, and Web Application...
June 20, 2019
Cybersecurity CEO: My 3 Tips For Presenting In The Boardroom

How to effectively engage C-suite executives in your presentations – Robert Herjavec

Los Angeles, Calif. – Jun 19, 2019

We all recognize that a cyber breach can significantly impact an organization’s reputation and valuation. If you’re heading into the boardroom to deliver a presentation on cybersecurity to C-suite executives, then you’d better be ready to speak their language. To start,...
June 19, 2019
Threat Advisory: New Vulnerability Affecting Exim Servers

A critical remote code execution vulnerability is actively being scanned for and exploited across the Internet. Known as "Return of the WIZard", the vulnerability (tracked under CVE-2019-10149) affects the Exim mail transfer relays (versions 4.87-4.91), which currently operate on more than half of all mail servers on the Internet. The vulnerability was exploited as early as June 9, 2019. While...
June 13, 2019
Threat Advisory: Remote Desktop Services Vulnerability

This week, Microsoft released a critical update for their Remote Desktop Services (formerly Terminal Services) impacting multiple Windows versions. It is critical that organizations apply the patch as soon as possible because this vulnerability is “wormable”, meaning it is pre-authentication and requires no user interaction. An exploit for this weakness could be used to create malware that would spread similarly...
May 15, 2019
Threat Advisory: TrickBot Malware

The Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a security primer on TrickBot. Originally developed in 2016 as a Windows-based banking Trojan, TrickBot has recently seen advancements in its capabilities. The developers behind it have continued to add more features via modules to this potent trojan. With its modular structure, it is able to download new modules from...
March 15, 2019
Herjavec Group’s Threat Summary Analysis

Herjavec Group circulates Threat Advisories on a regular basis to share threat intelligence and security recommendations. Our Threat Management Team has provided an overview of the most common threats and vulnerabilities communicated over the last quarter. Phishing, Ransomware, Crypto-Jacking and IoT Vulnerabilities were prominent in 2018. A summary of each threat type, as well as their potential impact and mitigation...
January 31, 2019
Threat Advisory: CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security...
January 4, 2019
Threat Advisory: SamSam Ransomware

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) have recently issued a US-CERT alert on the SamSam ransomware. SamSam has targeted multiple industries since its initial release, including critical infrastructure. According to the US-CERT, the SamSam ransomware exploits Windows servers to gain persistent access to a victim’s network...
December 4, 2018
Threat Advisory: Suspicious Scanning Activity

Details: Herjavec Group has detected significant malicious scanning attempts across multiple client environments, including entertainment, finance and legal organizations. These scans, mostly targeting web applications and other external-facing devices, do not appear to be targeted in nature but rather part of a general, large-scale attempt to discover vulnerabilities within networks. Herjavec Group has observed several IPs scanning new clients daily,...
November 7, 2018