CyberHub Podcast
Practitioner Brief July 22nd, 2021 - Tech & Cybersecurity news

Today's Headlines and the latest #cybernews from the desk of the #CISO:
Chinese state hackers breached over a dozen US pipeline operators
Atlassian asks customers to patch critical Jira vulnerability
CISA warns of stealthy malware found on hacked Pulse Secure devices
Oracle Releases July 2021 CPU With 342 Security Patches
Dell Patches Critical Vulnerabilities in OpenManage Enterprise
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Story Links:
https://www.bleepingcomputer.com/news/security/chinese-state-hackers-breached-over-a-dozen-us-pipeline-operators/
https://www.bleepingcomputer.com/news/security/atlassian-asks-customers-to-patch-critical-jira-vulnerability/
https://www.bleepingcomputer.com/news/security/cisa-warns-of-stealthy-malware-found-on-hacked-pulse-secure-devices/
https://www.securityweek.com/oracle-releases-july-2021-cpu-342-security-patches
https://www.securityweek.com/dell-patches-critical-vulnerabilities-openmanage-enterprise
https://threatpost.com/kubernetes-cyberattacks-argo-workflows/167997/

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine

00:18:26
Practitioner Brief August 16th, 2021

Today's Headlines and the latest #cybernews from the desk of the #CISO:
Hackers Deploying Backdoors on Exchange Servers via ProxyShell Vulnerabilities
Ransomware gang uses PrintNightmare to breach Windows servers
Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients
Colonial Pipeline reports data breach after May ransomware attack
Hacker Dubbed 'Mr White Hat' to Return Entire Stolen Crypto Fortune

Story Links:
https://www.securityweek.com/hackers-deploying-backdoors-exchange-servers-proxyshell-vulnerabilities
https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-printnightmare-to-breach-windows-servers/
https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html
https://www.bleepingcomputer.com/news/security/colonial-pipeline-reports-data-breach-after-may-ransomware-attack/
https://www.securityweek.com/hacker-dubbed-mr-white-hat-return-entire-stolen-crypto-fortune

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday, August 24th, ...

00:17:22
Practitioner Brief August 5th, 2021

Today's Headlines and the latest #cybernews from the desk of the #CISO:
Prometheus, the secret TDS behind some of today’s malware campaigns
Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs
LockBit ransomware recruiting insiders to breach corporate networks
Energy group ERG reports minor disruptions after ransomware attack

Story Links:
https://therecord.media/meet-prometheus-the-secret-tds-behind-some-of-todays-malware-campaigns/
https://thehackernews.com/2021/08/cisco-issues-critical-security-patches.html
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-recruiting-insiders-to-breach-corporate-networks/
https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/


00:20:48
Practitioner Brief August 3rd, 2021

Today's Headlines and the latest #cybernews from the desk of the #CISO:
DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos
PyPI Python Package Repository Patches Critical Supply Chain Flaw
Novel Meteor Wiper Used in Attack that Crippled Iranian Train System
This new phishing attack is 'sneakier than usual', Microsoft warns
Chipotle's Email Marketing Account Hacked to Spread Malware

Story Links:
https://www.securityweek.com/deadringer-three-pronged-attack-chinese-military-actors-against-major-telcos
https://thehackernews.com/2021/08/pypi-python-package-repository-patches.html
https://www.zdnet.com/article/microsoft-watch-out-for-this-sneakier-than-usual-phishing-attack/
https://threatpost.com/novel-meteor-wiper-used-in-attack-that-crippled-iranian-train-system/168262/
https://www.securityweek.com/chipotles-email-marketing-account-hacked-spread-malware


00:15:00
Practitioner Brief July 19th, 2021

Today's Headlines and the latest #cybernews from the desk of the #CISO:
Cisco Patches High-Risk Flaw in ASA, FTD Software
D-Link issues hotfix for hard-coded password router vulnerabilities
US and allies officially accuse China of Microsoft Exchange attacks
New Windows print spooler zero day exploitable via remote print servers

Story Links:
https://www.securityweek.com/cisco-patches-high-risk-flaw-asa-ftd-software
https://www.bleepingcomputer.com/news/security/d-link-issues-hotfix-for-hard-coded-password-router-vulnerabilities/
https://www.bleepingcomputer.com/news/security/us-and-allies-officially-accuse-china-of-microsoft-exchange-attacks/
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/


July 15, 2021

Firewalla Gold Expert Tip: You can add your own custom DNS over HTTP (DoH) server. In this example, "Cloudflare for Families" was added so that not only are all the DNS queries hidden from my ISP, but lookups to known adult content or malware destinations are dropped. So of course if the device can't get the IP address to talk to, the conversation is over before it could even begin.

Now turn off IPv6. When you have IPv6 enabled, any connection to an IPv6 server will use the DNS service provided by your ISP anyway. That means your DoH efforts will have been largely wasted. If you really need IPv6 enabled for some devices, just create a new VLAN (super easy on the Firewalla) and put those devices into that network, then enable IPv6 only for that VLAN. That or just disable IPv6 on a device-by-device basis, if available/possible.

Finally, go ahead and block all the Google DNS servers entirely from your network with a few simple firewall rules (see screenshots). Some apps build these in, ...

July 15, 2021

Love seeing CyberHub on Locals. With the new livestream video streaming coming online here, hoping to see this emerge as the top platform.
