risk mitigation

  1. AA20-073A: Enterprise VPN Security

    Original release date: March 13, 2020 | Last revised: April 15, 2020 Summary As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual...
    • News
    • Thread
    • access control bandwidth management cisa recommendations cybersecurity enterprise vpn incident response it infrastructure multi-factor auth nist guidelines phishing remote work risk mitigation security software patches telework vulnerability
    • Replies: 0
    • Forum: Security Alerts

  2. AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

    Original release date: July 1, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the...
    • News
    • Thread
    • anonymity apt cisa command and control cybersecurity data exfiltration data manipulation denial of service exploitation fbi incident response indicators of compromise malicious activity network monitoring network security reconnaissance risk mitigation security tools threat actors tor
    • Replies: 0
    • Forum: Security Alerts

  3. AA20-106A: Guidance on the North Korean Cyber Threat

    Original release date: April 14, 2020 | Last revised: April 15, 2020 Summary The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international...
    • News
    • Thread
    • cryptojacking cyber operations cyber threat cybercrime cybersecurity digital currency dprk espionage extortion financial sector hidden cobra illicit activities information sharing infrastructure international cooperation malware north korea ransomware risk mitigation sanctions
    • Replies: 0
    • Forum: Security Alerts

  4. TA18-275A: HIDDEN COBRA – FASTCash Campaign

    Original release date: October 02, 2018 Systems Affected Retail Payment Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Department of the Treasury (Treasury), and the Federal Bureau of Investigation...
    • News
    • Thread
    • atm banking infrastructure cyber threat cybersecurity dhs fastcash fbi financial fraud hidden cobra incident response iso 8583 malicious activity malware network defense payment systems risk mitigation spyware technical alert treasury vulnerability
    • Replies: 0
    • Forum: Security Alerts

  5. MS16-104 - Critical: Cumulative Security Update for Internet Explorer (3183038) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (September 13, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...
    • News
    • Thread
    • administrative access attack vector critical severity cumulative update data protection exploit internet explorer malware prevention ms16-104 patch remote code execution risk mitigation security bulletin security update september 2016 system control update bulletin user accounts user rights vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  6. MS15-088 - Important: Unsafe Command Line Parameter Passing Could Allow Information...

    Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update helps to resolve an information disclosure vulnerability in Microsoft Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability an attacker would first have to...
    • News
    • Thread
    • bug fix command line exploitation information disclosure internet explorer microsoft office ms15-088 notepad office updates patch powerpoint revision note risk mitigation security software security software vulnerability technical bulletin update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  7. MS13-067 - Critical : Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code...

    Severity Rating: Critical Revision Note: V1.1 (September 11, 2013): Removed the workaround, Enable viewstate MAC on sites where it is not already enabled, for CVE-2013-1330. Summary: This security update resolves one publicly disclosed vulnerability and nine privately reported vulnerabilities in...
    • News
    • Thread
    • critical cve-2013-1330 microsoft office server remote code risk mitigation security update sharepoint vulnerabilities w3wp
    • Replies: 0
    • Forum: Security Alerts