Prior to the Labor Day holiday, the Cybersecurity & Infrastructure Security Agency released information regarding a recent trend of ransomware attacks taking place over holiday weekends, when the attackers believe that IT and Security teams may be on vacation or not paying as close attention to their networks. In May 2021, leading into Mother’s Day Continue Reading
CMA Blog
Thoughts and updates on everything CMA
Category Archives: Security Alerts
PrintNightmare, Critical Windows Print Spooler Vulnerability
The CERT Coordination Center and CISA are warning all IT administrators about a remote code execution vulnerability in the Windows Print Spooler service. This vulnerability has PoC exploit code that has been published, making the risk of attack high. An attacker can exploit this vulnerability, nicknamed PrintNightmare, to take control of an affected system. CISA Continue Reading
New Security Advisory on DarkSide Ransomware-as-a-Service
The CISA and FBI have released a joint advisory detailing the threats posed by a new Ransomware-as-a-Service (RaaS) variant, referred to as DarkSide. DarkSide was recently used in a ransomware attack against a critical infrastructure company and the CISA, and FBI see these attacks as growing in the near future. The advisory contains a number Continue Reading
Microsoft Announces Critical Exchange Server Vulnerability – Patch ASAP
Microsoft has announced a critical vulnerability in Exchange Server currently being exploited by HAFNIUM. Microsoft recommends applying patches for your installed version of Exchange in the link below: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901
CISA Alert on Ongoing Threat Activity in Cloud Environments
CISA has evidence on ongoing APT activity in cloud environments as a result of recent widespread compromises. They have released details of this activity as well as ways to detect and monitor for it in cloud environments. See the link below for more details on how to monitor your cloud environments for this type of Continue Reading