Threat Advisory

Threat Update: Dorkbot and OpenSSL Update

Dorkbot Advisory: The Dorkbot botnet is used to steal online payment information, support denial of service (DDoS) attacks and deliver malware. Microsoft has confirmed that this family of malware has infected more than one million computers in over 190 countries this year. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and...
December 4, 2015

Threat Update: eDellRoot

Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. This preinstalled root certificate resides on newer Dell laptops and desktops. Exploitation of the vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system. Review the...
November 25, 2015

Threat Advisory | Caution Regarding Breaking News Update Phishing Campaigns

In light of the recent attacks in France and the media coverage surrounding this major incident, Herjavec Group would like to ensure our customers are aware of the heightened risk of potentially fake news campaigns via phishing emails. We often see innocent end users lured into opening “Breaking News” communications when a serious event like this occurs. These campaigns are...
November 14, 2015

Threat Advisory | Oracle Critical Patch Update

Oracle has released its Critical Patch Update for October 2015 to address 154 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Herjavec Group encourages users and administrators to review the Oracle October 2015 Critical Patch Update and apply the necessary updates. Herjavec Group circulates US –...
October 21, 2015

Threat Advisory | VMware Security Updates

VMware has released security updates to address vulnerabilities in vCenter and ESXi. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0007 and apply the necessary updates. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have...
October 2, 2015

Threat Advisory | FireEye HX 2.1 Vulnerability Update

FireEye has confirmed a vulnerability affecting its HX product version 2.1 (a legacy version, but still in use by some customers). The current release of FireEye’s HX product offering is version 2.6. FireEye has acknowledged that this vulnerability cannot be executed remotely, nor can it be exploited by an unauthenticated user. It is recommended that customers utilizing the HX product version...
September 8, 2015

Threat Advisory | UDP-Based Amplification Attacks

Original release date by US-CERT: January 17, 2014 | Last revised: August 19, 2015

A Distributed Reflective Denial of Service (DRDoS) attack is a form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible UDP servers, as well as bandwidth amplification factors, to overwhelm a victim system with UDP traffic. UDP, by design, is...
August 20, 2015

Threat Advisory | Microsoft Font Driver Vulnerability

Microsoft Windows has reported a critical vulnerability that could allow remote execution if a user opens documents or visits untrusted webpages that contain embedded OpenType fonts. A security update has been made available and will correct how the Windows Adobe Type Manager Library handles OpenType fonts. For more information about this update, see Microsoft Knowledge Base Article 3079904. Most clients...
July 21, 2015

Threat Advisory | Critical OpenSSL Patch Coming Today

Herjavec Group is currently monitoring the developments around an expected high severity vulnerability. It is believed the OpenSSL project team will release a critical patch that could require a lengthy upgrade process. We are in the process of patching all managed client devices as updates are released by impacted vendors. This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and...
July 9, 2015

Threat Advisory | Palo Alto Networks Emergency Path Update

Palo Alto Networks has released an emergency content update to add additional coverage for a recent 0-day vulnerability impacting Adobe Flash (CVE-2015-5119). This exploit can lead to arbitrary remote code execution by the attacker upon successful delivery and exploitation via a specially crafted Adobe Flash swf file, typically via a malicious website. Please review the note below and ensure the...