You've probably heard the chatter about CVE-2024-38063 -- the wormable RCE in the Microsoft IPv6 implementation. Obviously, the first thing to do is #patch! After that, it would be worth reviewing how you protect your #MSP tools that you run on-prem. A reverse proxy running an OS different is very useful in protecting against protocol attacks. If you're interested in a security layer like this, we're happy to assist!
Automation Theory’s Post
More Relevant Posts
-
These days, nobody puts servers directly on the Internet—we all use firewalls (we're civilized, after all!). The security landscape has changed a lot since the mid-1990s, when commercial firewalls were introduced, but we still know not to connect naked systems to the Internet. CVE-2024-38063 shows the value of putting a reverse proxy between your MSP tools and the Internet. The TCP connections are actually terminated at the proxy, and since its OS is different, it doesn't expose the vulnerability like a layer 4 firewall does. If your #MSP is experiencing a seasonal lull, it'd be a great time to talk with Automation Theory about implementing modern security layers!
You've probably heard the chatter about CVE-2024-38063 -- the wormable RCE in the Microsoft IPv6 implementation. Obviously, the first thing to do is #patch! After that, it would be worth reviewing how you protect your #MSP tools that you run on-prem. A reverse proxy running an OS different is very useful in protecting against protocol attacks. If you're interested in a security layer like this, we're happy to assist!
-
Cyber Risk Management @ MediaMarktSaturn 🏆 Shaping Cyber Risk & Maturity frameworks for Europe's leading consumer electronics retailer 🌎 Maintainer: allaboutgrc.com
In case you missed it, here is the US Govt's review of the Microsoft Exchange Online Intrusion. Its quite critical of Microsoft's security culture, its handling of the original cause that made the intrusion possible and its own detection capabilities. Juicy bits from page 22 onwards 😉
-
Unicorn in the IT sector, loves to get into the details of hardware and software while still being able to communicate with non Tech stakeholders
Downgrade attack, takes a fully patched Operating System and makes it vulnerable by installing an older un-patched version. This malicious upgrade can be well hidden, making a system believe it is up to date. Same thing is possible for hypervisors (the thing that hosts VMs) Microsoft promises to update the documentation to include how to set the propper flags to prevent this attack. https://lnkd.in/esmiYXuT
-
The truth? Size doesn’t matter in the face of threats. 💡 Arbor Adaptive DDoS Protection ensures that all DNS servers can stand strong against cyberattacks. Discover how its dynamic defense, uninterrupted availability, and custom mitigation can safeguard your network. https://lnkd.in/gxN4J8_N #DDoSProtection #DNSDefense
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
-
Threat Intel - Windows Defender SmartScreen To our partners, Blazon's SOC Adversary Pursuit Group is monitoring for activity surrounding a vulnerability in Windows Defender SmartScreen that is actively exploited by threat groups. CVE-2024-21412 is a zero-day vulnerability in Windows Defender SmartScreen that is being exploited by Water Hydra (aka Dark Casino) to drop the DarkMe Remote Access Trojan. The Microsoft security advisory provides information about the attack, and Trend Micro has a write-up describing the activity: • An attacker must send the user a malicious file and convince them to open it. • The attacker can be unauthenticated but must send a specially-crafted file that is designed to bypass security checks. How to Mitigate: • Microsoft patched the vulnerability in the Feb. 13th Patch Tuesday security updates. • Ensure users are trained not to open unexpected files. Important: Blazon's SOC has NOT seen any indicators of compromise in our partners’ environments. Historically, we have seen vulnerabilities continue to be exploited in the wake of patching, especially as headlines cover the vulnerability and threat actors strike unpatched targets of opportunity. Blazon's SOC will continue to actively monitor for any indicators of compromise associated with this vulnerability. We are confident that our experienced MDR analysts and technology will continue to protect your business and clients.
-
#DNS is the backbone of the internet, translating human-friendly names into IP addresses. But it's also a prime target for #DDoS attacks. Safeguard your DNS servers with robust protection to ensure uninterrupted access to online resources. NETSCOUT
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
-
#DNS is the backbone of the internet, translating human-friendly names into IP addresses. But it's also a prime target for #DDoS attacks. Safeguard your DNS servers with robust protection to ensure uninterrupted access to online resources. NETSCOUT
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
-
#DNS is the backbone of the internet, translating human-friendly names into IP addresses. But it's also a prime target for #DDoS attacks. Safeguard your DNS servers with robust protection to ensure uninterrupted access to online resources. NETSCOUT
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
-
#DNS is the backbone of the internet, translating human-friendly names into IP addresses. But it's also a prime target for #DDoS attacks. Safeguard your DNS servers with robust protection to ensure uninterrupted access to online resources. NETSCOUT
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
-
#DNS is the backbone of the internet, translating human-friendly names into IP addresses. But it's also a prime target for #DDoS attacks. Safeguard your DNS servers with robust protection to ensure uninterrupted access to online resources. NETSCOUT
Defending Your DNS Infrastructure with Arbor Adaptive DDoS Protection | NETSCOUT
netscout.com
