Massive Brute Force Attack Targeting Networking Devices
A large-scale brute force attack is underway, using nearly 2.8 million IP addresses daily to target networking devices from Palo Alto Networks, Ivanti, and SonicWall….
Microsoft’s April Patch Tuesday Addresses Critical Zero-Day Attacks
Microsoft’s recent Patch Tuesday update in April 2024 has addressed 150 vulnerabilities. Importantly, this included patches for two “zero-day” vulnerabilities that had been actively exploited by cybercriminals.
What are Zero-Day Vulnerabilities?
Zero-day vulnerabilities are security flaws in software that are unknown to the software vendor. Attackers exploit these weaknesses before a fix is available, making them highly dangerous.
The Exploited Vulnerabilities
- CVE-2024-26234: A proxy driver spoofing vulnerability that allowed attackers to distribute malware through a compromised driver that appeared to carry a valid Microsoft signature.
- CVE-2024-29988: A SmartScreen bypass vulnerability, designed to evade Microsoft Defender’s “Mark of the Web” (MotW) security warnings when opening malicious files.
These attacks were employed in targeted campaigns to install malware, such as remote access trojans (RATs) on victim’s systems.
How to Protect Yourself
The importance of applying security updates promptly cannot be overstated:
- Update Immediately: Ensure your Windows systems are set to download and install updates automatically. Don’t postpone critical security patches.
- Good Cyber Security Habits: Remain cautious about email attachments, even from familiar senders. Never click on links within emails or attachments unless you completely trust the source.
- Antivirus and Security Software: Install reliable antivirus and internet security software and keep it updated.
Additional Tips for Organisations
- Staff Training: Educate your employees about the risks of phishing attacks and how to spot suspicious emails.
- Network Segmentation: Segment your network to limit the potential spread of malware if an attack succeeds.
- Endpoint Detection and Response (EDR): Invest in EDR solutions to enhance threat detection and incident response.
Security updates play a crucial role in protecting against cyber threats. By applying patches regularly and practicing good cyber security hygiene, you can greatly reduce your risk.
Related articles
Oasis Ticket Sales Scams: How to Stay Safe
During our weekly meetings with the banking industry and Police Scotland, we continue to see a significant increase in ticket scams over the last three…
Alert: Unpatched Microsoft Office Vulnerability Exposes NTLM Hashes
Microsoft has recently disclosed a significant security vulnerability affecting multiple versions of its Office suite, including Office 2016, Office 2019, Office LTSC 2021 and Microsoft…