AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Posted on January 24, 2020January 24, 2020 by CDSB Blog

Summary Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781.[1] On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0.On January 22, 2020, Citrix released security updates for vulnerable SD-WAN WANOP appliances.On January 23, 2020, Citrix released firmware updates for Citrix Read more about AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP[…]

MAR-10135536-8 – North Korean Trojan: HOPLIGHT

Posted on November 1, 2019November 1, 2019 by CDSB Blog

US-CERT has published Malware Analysis Report (AR19-304A) about North Korean Trojan: HOPLIGHT. SUMMARY This Malware Analysis Report (MAR) is the result of analytic efforts between Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD). Working with U.S. Government partners, DHS, FBI, and DoD identified Trojan malware variants Read more about MAR-10135536-8 – North Korean Trojan: HOPLIGHT[…]

Adobe releases a few security updates

Posted on October 16, 2019October 16, 2019 by CDSB Blog

Adobe released a few security updates to address vulnerabilities in Experience Manager, Acrobat Reader, Acrobat Writer, and Download Manager on October 15, 2019. Any attacker can use these vulnerabilities to take control and attack the systems because Adobe products have free/open access to critical system resources. CDSBureau recommends its readers to evaluate the following Adobe Read more about Adobe releases a few security updates[…]

Internet Crime Complaint Center (IC3) Issues a Ransomware Warning

Posted on October 10, 2019October 16, 2019 by CDSB Blog

The Internet Crime Complaint Center (IC3) has released an alert on ransomware threats to U.S. businesses and organizations. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Cyber criminals often infect organizations with ransomware through email phishing campaigns or exploiting vulnerabilities in software Read more about Internet Crime Complaint Center (IC3) Issues a Ransomware Warning[…]

Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2018-003

Posted on April 20, 2018August 18, 2019 by CDSB Blog

Drupal has released updates addressing a vulnerability in Drupal 8 and 7. A remote attacker could exploit this vulnerability to gain access to sensitive information. CDSBureau encourages Drupal users to review the following information and update their Drupal installation as soon as possible. Date: 2018-April-18 Security risk: Moderately critical 12∕25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:Default CKEditor, a third-party JavaScript library Read more about Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2018-003[…]

Cisco released security updates – Sept 20, 2017

Posted on September 21, 2017September 22, 2017 by CDSB Blog

Reporting date: September 20, 2017 Cisco has released updates to address vulnerabilities that a remote attacker could exploit to take control of an affected system. Multiple Cisco products are affected. CDSBureau encourages Cisco product users / administrators to review the following Cisco Security Advisories and apply the necessary updates: Unified Customer Voice Portal Operations Console Read more about Cisco released security updates – Sept 20, 2017[…]

Apple Releases Security Updates

Posted on September 20, 2017September 22, 2017 by CDSB Blog

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. CDSBurea encourages Apple product users and administrators to review the following Apple security pages and apply the necessary updates: iOS 11 Safari 11 tvOS 11 watchOS 4 Xcode Read more about Apple Releases Security Updates[…]

Massive Equifax 2017 data breach could impact millions in USA, UK, and Canada

Posted on September 8, 2017September 9, 2017 by CDSB Blog

Equifax reported that there were a massive data breach that could impact 143 million customers in USA, Canada, and UK. Most of the affected customers are in USA only. The breach started in May 2017 and Equifax learned about this on July 29, 2017. Equifax is providing free credit monitoring for an year to all Read more about Massive Equifax 2017 data breach could impact millions in USA, UK, and Canada[…]

Petya / NoPetya Ransomware is Spreading Across the Globe

Posted on June 27, 2017September 7, 2017 by CDSB Blog

Today June 27, 2017 many Europian countries are reporting to have been hit by Petya / NoPetya ransomware. This was first reported in Ukraine. Its other name is wowsmith123456@posteo.net virus. This ransomware encrypts files on a target computer and asks for ransom in form of Bitcoin. Several transactions have been reported to the associated Bitcoin Read more about Petya / NoPetya Ransomware is Spreading Across the Globe[…]

How to Avoid WannaCrypt or WannaCry 2.0 Ransomware Attack?

Posted on May 13, 2017September 7, 2017 by CDSB Blog

Thousands of computers got infected with WannaCry 2.0/WannaCrypt ransomware on Friday May 12, 2017. This attack is still under progress. Why is it worst? This is one of the worst cyber ransomware attacks that infects the Windows based computers that are not patched with the EternalBlue Windows patch released in March 2017. This ransomware does Read more about How to Avoid WannaCrypt or WannaCry 2.0 Ransomware Attack?[…]