Black Tower Security
02/07/2022
The Cybersecurity and Infrastructure security agency is escalating the need to patch windows systems of the latest January vulnerabilities. If your team hasn’t pushed the patches yet this should be an indication that it’s a high priority.
CISA Adds One Known Exploited Vulnerability to Catalog | CISA CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pos...
01/26/2022
API security is a gap that many businesses overlook. This podcast offers insight into this, rarely considered, real threat that is within nearly every enterprise network in the world.
"The minute you expose a digital system to a public network, the minute you put a new API online, that API is going to be probed, it's going to be attacked within minutes at a relentless pace on an ongoing basis from then on."
Resurface Labs on LinkedIn: Continuous API Security | Rob Dickinson by Tech & Main Presents Continuous API security on Tech & Main podcast: "People need guidance on API security issues. We can't hire fast enough. We need tech to fill that gap....
The FBI released a public advisory regarding an Iranian cyber group. It details their tactics, techniques, and procedures as well as the FBI's recommendations in combatting the group.
“FBI information indicates Emennet poses a broader cybersecurity threat outside of information operations.
Since 2018, Emennet has conducted traditional cyber exploitation activity targeting several sectors, including
news, shipping, travel (hotels and airlines), oil and petrochemical, financial, and telecommunications, in the
United States, Europe, and the Middle East. “
01/25/2022
You may want to harden your linux servers by applying the latest patches. It has been released recently that there’s a bug on every major linux distro that provides attackers root access.
This link provides more details in tracking the exploitation and the bug itself:
https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-you-root-on-every-major-distro/
Additionally, we recently published : ‘20 steps to harden your linux server’ if you’d like additional steps you can take to ensure proper security hygiene on your linux servers to help against issues like this you can read about them here:
https://blacktowersec.com/20-steps-to-harden-linux/
01/25/2022
Global Affairs Canada is in the midst of remediation after a breach occurred on January 19th. They shared details today via Twitter:
https://twitter.com/tbs_canada/status/1485800857564336132?s=21
Click here to claim your Sponsored Listing.
Category
Website
Address
33109