The Federal Bureau of investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that 3 Fortinet CVEs (CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks to be exploited in the future.
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Heidi Gerken, Senior Sales Engineerhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngHeidi Gerken, Senior Sales Engineer2021-04-15 16:55:502021-09-05 13:33:40Old Fortinet Flaws are being used to breach federal and commercial networks
F5 has released patches for several BIG-IP and BIG-IQ critical vulnerabilities. CVE-2021-22986 is the most critical since it allows unauthenticated attackers with network access to use the iControl REST interface, via the BIG-IP management interface and self IP addresses, to execute system commands that could lead to complete system compromise.
Multiple news sources, security researchers and security agencies have reported on a new attack against tens, if not hundreds, of thousands of Internet accessible Exchange servers configured for Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Outlook Web App (OWA) access. These attacks are being carried out by the China nation/state sponsored hacking group known as Hafnium.
The U.S. National Security Agency published a report detailing the top 25 vulnerabilities consistently being scanned, targeted, and exploited by Chinese state-sponsored hacking groups. All 25 vulnerabilities are known and have patches available from their vendors.
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Bill Burge, Sr. Network Security Engineerhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngBill Burge, Sr. Network Security Engineer2021-02-19 10:00:252021-09-05 13:41:30NSA publishes list of top vulnerabilities currently targeted by Chinese hackers
All cybersecurity news events, like the recent disclosure of compromise involving SolarWinds Orion by APT 29, aka “Cozy Bear,” cause CISOs to ask the same initial questions:
Do I have this problem? Where? What are the consequences?
In this instance, the attack is extremely sophisticated, and quite alarming – it’s a supply chain attack, involving […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Dr. Mike Lloyd, CTO, RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngDr. Mike Lloyd, CTO, RedSeal2020-12-16 12:19:342020-12-23 13:43:01Lessons for All of Us From the SolarWinds Orion Compromise
The DoD’s Defend Forward operational concept has been rolling out over the past few years. Policy makers and cyber defenders in government realized that, as the situation in Afghanistan led directly to the rise of Al-Qaeda and the 9-11 attacks, the situation in cyberspace was going to lead to crippling […]
I’ve been in cybersecurity for 19 years and love the field. It’s technically a very challenging problem to solve and the stakes are extremely high. Those of us in this field are defending the foundation of the information age. We are protecting the money in people’s bank accounts, their personal privacy and dignity, and even […]
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) have a known vulnerability – CVE-2020-3452. This security vulnerability can allow an unauthenticated attacker to remotely conduct a directory traversal attack as well as read sensitive files on a targeted system.
Exploiting this vulnerability, the attacker can view files […]
Cybersecurity Maturity Model Certification (CMMC) is a tiered system in which defense contractors—or any organization holding Controlled Unclassified Information (CUI) must be vetted by a third-party assessor on a five-level scale to determine the maturity of their enterprise security. This requires companies that do business with the Department of Defense to protect their data since […]
Working on a Red Team is frustrating. I know, I was on one.
Red Teams work hard penetrating systems, gathering data and presenting findings to senior management only to get strongly dismissive responses- “So what?” This is frequently followed by an order to not to share detailed information with the Defensive Cyber Operations (DCO) teams […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Wayne Lloyd, Federal CTO, RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngWayne Lloyd, Federal CTO, RedSeal2020-08-10 11:35:532020-08-10 23:51:51‘Red Teams’ Need to Deliver Context — Let’s Help Them
Test Drive RedSeal Stratus—the worlds's most accurate and actionable access and exposure CSPM tool -Sign Up
Old Fortinet Flaws are being used to breach federal and commercial networks
/by Heidi Gerken, Senior Sales EngineerThe Federal Bureau of investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that 3 Fortinet CVEs (CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks to be exploited in the future.
F5 Server iControl REST unauthenticated remote command execution vulnerability
/by Heidi Gerken, Senior Sales EngineerF5 has released patches for several BIG-IP and BIG-IQ critical vulnerabilities. CVE-2021-22986 is the most critical since it allows unauthenticated attackers with network access to use the iControl REST interface, via the BIG-IP management interface and self IP addresses, to execute system commands that could lead to complete system compromise.
Microsoft Releases Fixes for 4 Zero Day Exchange Server Vulnerabilities
/by Bill Burge, Sr. Network Security EngineerMultiple news sources, security researchers and security agencies have reported on a new attack against tens, if not hundreds, of thousands of Internet accessible Exchange servers configured for Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Outlook Web App (OWA) access. These attacks are being carried out by the China nation/state sponsored hacking group known as Hafnium.
NSA publishes list of top vulnerabilities currently targeted by Chinese hackers
/by Bill Burge, Sr. Network Security EngineerThe U.S. National Security Agency published a report detailing the top 25 vulnerabilities consistently being scanned, targeted, and exploited by Chinese state-sponsored hacking groups. All 25 vulnerabilities are known and have patches available from their vendors.
Lessons for All of Us From the SolarWinds Orion Compromise
/by Dr. Mike Lloyd, CTO, RedSealAll cybersecurity news events, like the recent disclosure of compromise involving SolarWinds Orion by APT 29, aka “Cozy Bear,” cause CISOs to ask the same initial questions:
Do I have this problem? Where? What are the consequences?
In this instance, the attack is extremely sophisticated, and quite alarming – it’s a supply chain attack, involving […]
Supporting the DoD’s Defend Forward Initiative
/by Wayne Lloyd, Federal CTO, RedSealWhat is Defend Forward?
The DoD’s Defend Forward operational concept has been rolling out over the past few years. Policy makers and cyber defenders in government realized that, as the situation in Afghanistan led directly to the rise of Al-Qaeda and the 9-11 attacks, the situation in cyberspace was going to lead to crippling […]
Why I Chose RedSeal
/by Bryan Barney, RedSeal CEOI’ve been in cybersecurity for 19 years and love the field. It’s technically a very challenging problem to solve and the stakes are extremely high. Those of us in this field are defending the foundation of the information age. We are protecting the money in people’s bank accounts, their personal privacy and dignity, and even […]
High Severity Security Flaw with Cisco ASA: Find It and Prioritize Patching Quickly
/by Debra Baker, CISSP CCSPRedSeal Cyber Threat Series
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) have a known vulnerability – CVE-2020-3452. This security vulnerability can allow an unauthenticated attacker to remotely conduct a directory traversal attack as well as read sensitive files on a targeted system.
Exploiting this vulnerability, the attacker can view files […]
Be Prepared with RedSeal: DOD-Required Cybersecurity Maturity Model Certification
/by Jay BranaganCybersecurity Maturity Model Certification (CMMC) is a tiered system in which defense contractors—or any organization holding Controlled Unclassified Information (CUI) must be vetted by a third-party assessor on a five-level scale to determine the maturity of their enterprise security. This requires companies that do business with the Department of Defense to protect their data since […]
‘Red Teams’ Need to Deliver Context — Let’s Help Them
/by Wayne Lloyd, Federal CTO, RedSealWorking on a Red Team is frustrating. I know, I was on one.
Red Teams work hard penetrating systems, gathering data and presenting findings to senior management only to get strongly dismissive responses- “So what?” This is frequently followed by an order to not to share detailed information with the Defensive Cyber Operations (DCO) teams […]