Threat Advisory

Threat Update: SAP Business Applications

It has been reported that over 35 organizations worldwide running outdated or misconfigured software are affected by an SAP vulnerability. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP business applications. The observed indicators relate to the abuse of the Invoker Servlet, a built-in functionality in SAP NetWeaver Application Server Java systems (SAP Java platforms). The Invoker...
May 11, 2016

Ransomware and Recent Variants

The United States Department of Homeland Security (DHS), in collaboration with the Canadian Cyber Incident Response Centre (CCIRC), released the following alert to provide further information on ransomware, including its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate it. Herjavec Group is circulating the advisory below as this information warrants attention and may have significance to...
April 7, 2016

Threat Advisory: Tracking the Badlock Vulnerability

There have been a number of posts and news releases relating to the Badlock vulnerability, for which patches are expected to be available April 12. The “marketing efforts” and media attention surrounding the vulnerability have received backlash given that no solutions are readily available. The Badlock vulnerability is expected to impact Windows networking services, which will potentially expose a large volume...
March 28, 2016

Threat Advisory: Symantec Releases Security Update

Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the Security Advisory from Symantec and apply the necessary update. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance to your...
March 17, 2016

Threat Update: VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in VMware vRealize Automation and vRealize Business Advanced and Enterprise. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Please review the VMware Security Advisory VMSA-2016-0003 and apply the necessary updates. Herjavec Group circulates US-CERT advisories as this notification warrants attention and may have significance...

Threat Advisory: OpenSSL Releases Security Advisory

OpenSSL has released a security advisory addressing multiple vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive or private data. Available OpenSSL updates include OpenSSL 1.0.2g for 1.0.2 users and OpenSSL 1.0.1s for 1.0.1 users. Herjavec Group encourages organizations to review the OpenSSL Security Advisory and apply the necessary updates. Herjavec Group circulates US...
March 1, 2016

Threat Advisory: Chrome Updates

Chrome version 48.0.2564.116 is now available to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. It is recommended that users and administrators review the Chrome Releases page and apply the necessary update. Herjavec Group circulates US-CERT advisories as this notification warrants attention...
February 19, 2016

Threat Advisory: Critical glibc Flaw Puts Linux Machines at Risk

GNU C Library (glibc) is a collection of open source code that powers thousands of applications and is a key component of most Linux distributions. A highly critical vulnerability has been uncovered in glibc. The vulnerability, which is indexed as CVE-2015-7547, is a stack-based buffer overflow in glibc's DNS client-side resolver that is used...
February 17, 2016

Threat Advisory: Cisco Security Update

Cisco has released a security update to address a vulnerability in its ASA software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Systems Affected: Cisco ASA 5500 Series Adaptive Security Appliances; Cisco ASA 5500-X Series Next-Generation Firewalls; Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers...
February 11, 2016

Threat Advisory: Ransomware Impacting WordPress sites

A large number of WordPress websites have been compromised and are delivering TeslaCrypt ransomware. While it is not yet clear how these sites are being infected, it is suspected that there is a new vulnerability in WordPress or within a popular plug-in. The compromised sites were hacked and had encrypted code added to the end of their legitimate...
February 8, 2016