Monday 1/20
Vulnerability Update: First permanent fixes available, timeline accelerated
Gotham’s Professional Services team is actively remediating the Citrix ADC vulnerability. If you are running versions 11.1 or 12, there is new firmware available to apply. The process can typically be completed within two hours with a minimum of downtime in an HA configuration. Other versions of NetScaler firmware still need to apply the available mitigation. Gotham NetScaler Managed Services customers are being proactively addressed. Our NetScaler team is available to perform this work for you if you need assistance. You can contact us at support@gothamtg.com.
http://bit.ly/37aCA2d
Emotet Returns After Holiday Break with Major Campaigns
Even though Emotet was on vacation for all but the last two weeks of Q3 (July – September), it still accounted for over 11% of all malicious payloads we saw for that entire quarter. That statistic alone tells the story of what TA542 is capable of with Emotet.
http://bit.ly/2NJS8lZ
Tuesday 1/21
Data Privacy Guide: Definitions, Explanations and Legislation
In this guide, we’ll look at why data privacy is important, and how it is linked to data security. Then we’ll take a look at the legislation that covers data privacy in several key countries, and In several key industries. Finally, we’ll give you some ways to improve your data privacy in both personal and business environments.
http://bit.ly/38qVvpL
CyberArk Launches New Just-in-Time Capabilities and More in v11.2
CyberArk now allows for SSH certificate-based authentication by providing secure privileged session isolation, which grants Linux and Unix admins instant, just-in-time access, without security teams needing to manage a private-public key pair for each account and remote machine.
http://bit.ly/37gF1k3
Wednesday 1/22
Citrix and FireEye Mandiant share forensic tool for CVE-2019-19781
The free tool, available under the Apache 2.0 open source license, provides customers with increased awareness of potential compromise related to the CVE-2019-19781 vulnerability on their systems.
http://bit.ly/30L2gQK
Cloud Native Security: What it Means
As attackers change their approach and move towards Gen VI attacks, security practitioners and developers must adjust accordingly how they defend cloud-native applications.
http://bit.ly/2uoYHDw
FireEye scoops up cloud security startup Cloudvisory
FireEye has touted the Cloudvisory solution as providing visibility into network data traffic for workloads, applications, and microservices; the ability to detect and remediate misconfigurations and malicious activities across multiple cloud providers; and more.
https://zd.net/2RIYP8S
Thursday 1/23
CurveBall – An Unimaginative Pun but a Devastating Bug (McAfee)
The bug is straightforward in that these functions only validate the encrypted public key value, and NOT the parameters of the ECC curve itself. What this means is that if an attacker can find the right mathematical combination of private key and the corresponding curve, they can generate the identical public key value as the trusted certificate authority.
http://bit.ly/2RL3UxA
IGEL Expands Alliance with Login VSI; Integrates Login Enterprise into IGEL OS 11.03
This integration will give IGEL customers the ability to test from the same hardware and locations of their remote users. Doing this “end-to-end testing” without breaking the chain of trust, will maximize the performance and availability on all IGEL OS-powered endpoints, ensuring application and desktop performance.
http://bit.ly/30NaIPh
Friday 1/24
Fixes now available for Citrix ADC, Citrix Gateway versions 12.1 and 13.0
As with the permanent fixes made available for Citrix ADC and Citrix Gateway versions 11.1 and 12.0 and Citrix SD-WAN 4000-WO, 5000-WO, 4100-WO, and 5100-WO earlier this week, these fixes are available to all customers regardless of whether they have an active maintenance contract with Citrix. We strongly urge all customers to immediately install these fixes.
http://bit.ly/2sSg2V6
2020 ‘State of the Phish’: Security Awareness Training, Email Reporting More Critical as Targeted Attacks Spike
Results of the infosec survey revealed that 88% of organizations worldwide faced spear phishing attacks and 86% dealt with business email compromise (BEC) attacks.
http://bit.ly/2Gk2XHl
sLoad Malware Revamped as Powerful ‘StarsLord’ Loader
The sLoad malware downloader, a PowerShell-based trojan first spotted in May 2018, has a new, polished version that comes with “more powerful features, posing even higher risk,” Microsoft researchers are warning.
http://bit.ly/2sV3Bbh