Threat Advisory

Threat Advisory: Critical glibc Flaw Puts Linux Machines at Risk

GNU C Library (glibc) is a collection of open source code that powers thousands of applications and most Linux distributions. A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions. The vulnerability, which is indexed as CVE-2015-7547, is a stack-based buffer overflow vulnerability in glibc's DNS client-side resolver that is used... Read More
February 17, 2016

Threat Advisory: Cisco Security Update

Cisco has released a security update to address a vulnerability in its ASA software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Systems Affected: Cisco ASA 5500 Series Adaptive Security Appliances; Cisco ASA 5500-X Series Next-Generation Firewalls; Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers... Read More
February 11, 2016

Threat Advisory: Ransomware Impacting WordPress sites

A large number of WordPress websites have been compromised and are delivering TeslaCrypt ransomware. While it is not yet clear how these sites are being infected, it is suspected that there is a new vulnerability in WordPress or within a popular plug-in. The compromised sites were hacked and had encrypted code added to the end of their legitimate... Read More
February 8, 2016

Oracle Releases Security Bulletin

Oracle recently released its Critical Patch Update to address 248 vulnerabilities across multiple products for January 2016. Some of these vulnerabilities may allow an attacker to remotely take full control of an affected system. Herjavec Group strongly advises users and administrators to apply all of the necessary patches and review Oracle's original update here. Herjavec Group circulates US-CERT advisories... Read More
January 20, 2016

Threat Advisory: Linux Kernel Vulnerability (CVE-2016-0728)

According to the Perception Point research team, a zero-day vulnerability, which has existed since 2012, has been discovered today allowing Android or Linux applications to escalate privileges and gain root access. Any Linux machine with Kernel 3.8 or higher is vulnerable, which includes tens of millions of Linux PCs and servers, as well as 66% of all Android devices. By... Read More
January 19, 2016

Threat Advisory: OpenSSH version 7.1p2

OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of the vulnerabilities could permit a remote attacker to obtain sensitive information from an affected system. You are encouraged to review the OpenSSH Release Notes and Vulnerability Note VU#456088 and apply the necessary updates. Read More
January 15, 2016

Threat Advisory: Fortinet Communication on “Backdoor Vulnerability”

On Tuesday a researcher posted a screenshot allegedly demonstrating someone using exploit code to gain remote access to a server running Fortinet’s FortiOS software. Fortinet has communicated publicly that this issue was disclosed and resolved in July of 2014. They’ve stated, “This was not a “backdoor” vulnerability issue but rather a management authentication issue. The issue was identified by... Read More
January 13, 2016

Threat Advisory: Multiple Security Updates Released

Please ensure your organization is up to date on the latest Microsoft, Adobe and ISC releases. Users and administrators should review the bulletin links below and apply the necessary updates: Microsoft has released 9 updates to address vulnerabilities in their software. Review their latest bulletin here. Adobe has released multiple updates to address vulnerabilities in Acrobat and Reader. Review their... Read More

Threat Advisory: Juniper Unauthorized Code

Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. Review the bulletin available here and update all affected ScreenOS versions. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your Enterprise network environment. If the following advisory is... Read More
December 18, 2015

Threat Update: Dorkbot and OpenSSL Update

Dorkbot Advisory: The Dorkbot botnet is used to steal online payment information, support denial of service (DDoS) attacks and deliver malware. Microsoft has confirmed that this family of malware has infected more than one million computers in over 190 countries this year. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and... Read More
December 4, 2015