Threat Advisory

Threat Advisory: Dirty COW Linux Kernel Vulnerability

A 9-year-old critical vulnerability in the Linux kernel, dubbed 'Dirty COW' (CVE-2016-5195), has recently surfaced and is being actively exploited. The vulnerability, named for the copy-on-write (COW) mechanism in the Linux kernel, could allow a malicious actor to tamper with read-only, root-owned executable files. In other words, exploitation of this vulnerability may allow an attacker to take complete control of...
October 21, 2016

Threat Update: US-CERT Confirms Heightened DDoS Threat Posed by Mirai and Other Botnets

Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with applicable vendor partners to apply...
October 17, 2016

Threat Update: WPAD Name Collision Vulnerability

Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the New generic Top Level Domain (gTLD) program’s incorporation of previously undelegated gTLDs for public registration, leaked WPAD queries could result in domain name collisions with internal network naming...
May 24, 2016

Threat Update: SAP Business Applications

It has been reported that over 35 organizations worldwide running outdated or misconfigured software are affected by an SAP vulnerability. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP business applications. The observed indicators relate to the abuse of the Invoker Servlet, a built-in functionality in SAP NetWeaver Application Server Java systems (SAP Java platforms). The Invoker...
May 11, 2016

Ransomware and Recent Variants

The United States Department of Homeland Security (DHS), in collaboration with the Canadian Cyber Incident Response Centre (CCIRC), released the following alert to provide further information on ransomware, including its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate it. Herjavec Group is circulating the advisory below as this information warrants attention and may have significance to...
April 7, 2016

Threat Advisory: Tracking the Badlock Vulnerability

There have been a number of posts and news releases relating to the Badlock vulnerability, for which patches are expected to be available April 12. The “marketing efforts” and media attention surrounding the vulnerability have received backlash given that no solutions are readily available. The Badlock vulnerability is expected to impact Windows networking services which will potentially expose a large volume...
March 28, 2016

Threat Advisory: Symantec Releases Security Update

Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the Security Advisory from Symantec and apply the necessary update. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your...
March 17, 2016

Threat Update: VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in VMware vRealize Automation and vRealize Business Advanced and Enterprise. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the VMware Security Advisory VMSA-2016-0003 and apply the necessary updates. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance...

Threat Advisory: OpenSSL Releases Security Advisory

OpenSSL has released a security advisory addressing multiple vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive or private data. OpenSSL updates available include OpenSSL 1.0.2g for 1.0.2 users and OpenSSL 1.0.1s for 1.0.1 users. Herjavec Group encourages organizations to review the OpenSSL Security Advisory and apply the necessary updates. Herjavec Group circulates US...
March 1, 2016

Threat Advisory: Chrome Updates

Chrome version 48.0.2564.116 is now available to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. It is recommended that users and administrators review the Chrome Releases page and apply the necessary update. Herjavec Group circulates US-CERT advisories as this notification warrants attention...
February 19, 2016