How to prep for increased Russia-based cyberattacks

Read Time:34 Second

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a Shields Up advisory in response to the evolving Russia-Ukraine conflict. The agency noted, “The Russian government has used cyber as a key component of their force projection over the last decade,” and warned that Russia might consider actions aimed to disrupt outside of Ukraine.

Should you do anything at this time to protect your firm? There’s no need to scramble and make drastic changes to your network. Rather, use these events as a reason to review your network and plan for future changes. Here’s a list of actions to take:

To read this article in full, please click here

Read More

TCS’ Cyber Defense Suite PaaS offers integrated security to enterprises

Read Time:39 Second

Offering to consolidate cybersecurity services on a single PaaS (platform as a service), Tata Consultancy Services (TCS) has launched Cyber Defense Suite, designed to provide end-to-end threat visibility, extended detection, and automated incident response.

The PaaS, developed to work in multicloud environments, includes security governance risk and compliance support, as well as management capabilities for  digital identity and access, vulnerability remediation, and third-party cyberrisks.

“By offering multiple cybersecurity services across IT ecosystems, synergized into a single platform, the suite allows our customers to have the visibility to manage threats and risks across their entire technology landscape, rather than having to work with disparate platforms, at times from different vendors,” says Santha Subramoni, global head of cybersecurity for TCS.

To read this article in full, please click here

Read More

USN-5309-1: virglrenderer vulnerabilities

Read Time:19 Second

It was discovered that virglrenderer incorrectly handled memory. An
attacker inside a guest could use this issue to cause virglrenderer to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-0135)

It was discovered that virglrenderer incorrectly initialized memory. An
attacker inside a guest could possibly use this issue to obtain sensitive
host information. (CVE-2022-0175)

Read More

Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting

Read Time:24 Second

Posted by YEUNG, Tsz Ko on Feb 28

Hi all,

I would like to disclose a vulnerability that I just found today.

Details below:

Vulnerable Software and Version:

1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable

Vulnerable software download link:
https://rufus.ie/en/

https://github.com/pbatard/rufus/releases/tag/v3.17

Date discovered and reported:
25 Feb 2022

Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…

Read More

Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting

Read Time:24 Second

Posted by YEUNG, Tsz Ko on Feb 28

Hi all,

I would like to disclose a vulnerability that I just found today.

Details below:

Vulnerable Software and Version:

1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable

Vulnerable software download link:
https://rufus.ie/en/

https://github.com/pbatard/rufus/releases/tag/v3.17

Date discovered and reported:
25 Feb 2022

Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…

Read More