Common Vulnerabilities and Exposures – October 2022
Critical Zoho ManageEngine RCE Vulnerability On the 22nd September 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) added a critical unauthenticated Remote Code Execution
Hacks – October 2022
September saw a significant number of cyber breaches with Uber, Rockstar Games and Optus all impacted within a week. The attack methods observed in these
Protecting your data – The CIA Triad – Part One: Confidentiality
Understanding the CIA Triad of Information Security – Part One: Confidentiality The modern business landscape continues to evolve each and every day, meaning it’s never
Partner News – Check Point Harmony Offer
Email Security It’s hard to believe – but most organisations are still seeing unwanted, potentially malicious emails in their inboxes. The reasons for this are
AusCERT 2022
The AusCERT Conference is the oldest information security conference in Australia. The event’s theme this year was…. Rethink, Reskill, Reboot….which provided a great conversation starter
Hacks – May 2022 – Follina Zero Day Vulnerability
Tips and Tricks to mitigate and prevent “Follina”: Turn off the preview pane in file explorer and Microsoft Outlook. File explorer – go to the
Common Vulnerabilities and Exposures May 2022 – Follina Zero Day Vulnerability
A new zero-day vulnerability affecting office applications, dubbed “Follina”, has been discovered in the past few days. This vulnerability functions as a “zero click” remote
Supply Chain Risk Management
Gone are the days when enterprise and business assets are secured behind a perimeter of layered security controls. Technology advancement and the boundless need to
Partner News – Check Point Harmony offer
Email Security It’s hard to believe – but most organisations are still seeing unwanted, potentially malicious emails in their inboxes. The reasons for this are
Cyber Security Risk in your Supply Chain
Sensitive information is exchanged in the course of you consuming goods and services to conduct your business. That exchange is increasing in volume and frequency
Common Vulnerabilities and Exposures – CVE-2022-22954 VMware Workspace ONE Access and Identity Manager
CVE-2022-22954 VMware Workspace ONE Access and Identity Manager – remote code execution vulnerability VMware Workspace ONE Access and identity Manager has been affected by a
Hacks – Examples of major Supply Chain attacks
Supply chain attacks occur when a third-party provider of software or hardware is exploited and attackers use this to further infiltrate customers of these providers.
Polkit Vulnerability CVE-2021-4034 (Local privilege escalation vulnerability)
On Tuesday (25 January 2022), Qualys announced a local privilege escalation vulnerability (CVE-2021-4034) affecting several distributions of Linux such as Fedora, Debian, Ubuntu, CentOS and
Hacks – Keep your Operating System safe
TIPS TO KEEP YOUR OPERATING SYSTEM SAFE Apple and Microsoft take great care in providing a safe and secure operating system for you to use
Common Vulnerabilities and Exposures
CVE-2022-24460 – Tablet Windows User Interface Application Elevation of Privilege Vulnerability Released: 8/3/2022 Severity: High Description: An exploit was discovered in Microsoft Windows 10,
Standard Operating Environment (SOE) traps to avoid
Deviations from the norm – Standard Operating Environment (SOE) traps to avoid In the numerous security assessment audits and incident response activities that the Brace168
March 2022 Okta LAPSUS$ security incident
At 2:09pm on the 22nd of March 2022 (AEDT), the advanced persistent threat actor (APT) group “LAPSUS$” released screenshots and claims, on the encrypted messaging
Check Point Harmony Authentication
As we continue to work remotely and consume key business resources as services – the shared responsibility model for these externalised services demands strong and
Hacks – Wiper Malware
The wiper is one of the more damaging malwares whose purpose is to wipe the computer’s hard drive, when it attacks. The first instances of
Common Vulnerabilities and Exposures
CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability Description: The exploit works by spraying an IIS server via several large GET HTTP requests and finishes
Encryption
Cryptography involves turning plaintext into ciphertext (encryption) and then turning ciphertext into plaintext (decryption). Data encryption protects confidentiality and safeguards data integrity. A cryptographic system
Authentication
In Identity Management, the letters AAA stands for Authentication, Authorisation and Accounting. Authentication proves the person’s identity, software application, or technology asset accessing a resource.
CVE-2022-23944: Apache ShenYu (incubating)
CVE-2022-23944: Apache ShenYu (incubating) Improper access control: Severity: Moderate Description: User can access /Plugin API without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
Hacks – Authentication
Authentication is a prominent aspect of cyber security as it is end user facing and is generally the first step to access most systems. A
Polkit Vulnerability CVE-2021-4034 (Local privilege escalation vulnerability)
On Tuesday (25 January 2022), Qualys announced a local privilege escalation vulnerability (CVE-2021-4034) affecting several distributions of Linux such as Fedora, Debian, Ubuntu, CentOS and
Encryption
Encryption may be a topic that you give passing attention to in response to security advisories but otherwise little else. Rather than providing a summary
Hacks – O365
Microsoft Office is one of the most widely used application suites in the world, but in 2020 there were over one thousand vulnerabilities identified, of
Common Vulnerabilities and Exposures December 2021
CVE-2021-40444 – Microsoft HTML Remote Code Execution Vulnerability Remote code execution vulnerabilities are up there with some of the worst that a company can be
Protect your Microsoft O365 tenant
An organisation’s Microsoft 365 tenant is susceptible to many external and insider threats when not properly configured. At every level of licensing there are at
Log4j Vulnerability
Log4j continues to disrupt global festive season change freezes. On Friday (10 December 2021), NIST announced a remote code execution vulnerability (CVE-2021-44228) https://nvd.nist.gov/vuln/detail/CVE-2021-44228 in the
Hacks – Azure Authentication
Credentials are the key to any system or application as they enable users to securely authenticate to a service and access resources or processes. Credentials
Common Vulnerabilities and Exposures
CVE-2021-42321: Microsoft Exchange Server Remote Code Execution Vulnerability This is a post-authentication remote code execution vulnerability affecting on-premises Microsoft Exchange Server Exchange 2016 and 2019,
Monitoring your Azure environment
A Security Incident Event Management system (SIEM) is a powerful tool used to both store and analyse billions of logs. At Brace168 we have implemented
Common Vulnerabilities & Exposures October 2021
Vulnerability 1: 8.5 High – Palo Alto Networks Buffer Overflow Vulnerability Description: A stack-based buffer overflow vulnerability exists within the Palo Alto Networks GlobalProtect app
Amazon Web Services (AWS) Cloud Solution
Covid-19 was a difficult time for all businesses. Its greatest impact was that it forced us to think outside the box and consider new solutions.
Not For Profit
Cipherpoint and Brace168 are delighted to announce a relationship with Guide Dogs NSW/ACT. Brace168, via its Next Gen Managed Detection and Response (MDR) Security Operation
Partner News – KnowBe4
Brace168 is pleased to partner with KnowBe4 to enhance our offering of security awareness training to our customers. KnowBe4 is the world’s largest integrated security
The Value of Security Performance Reporting
Monthly Reporting Brace168 provides our managed incident response customers with monthly reports that break down the customer’s environment into several security performance measures including External
Hacks
There are seemingly an infinite number of ways to compromise a system. An important premise of security is effort, increasing the effort hackers must take
Common Vulnerabilities & Exposures
Vulnerability 1: DotCMS Remote Code Execution Vulnerability (10.0 Critical) Description: A Remote Code Execution (RCE) vulnerability exists within DotCMS v5.2.3. An RCE attack involves an
Common Vulnerabilities and Exposures August 2021
Vulnerability 1: ManageEngine ADSelfService Plus CSV Injection Vulnerability (9.3 Critical) Description: A CSV injection vulnerability lies within ManageEngine AD Self Service Plus system. A CSV
Hacks August 2021
The first step of any cyber-attack involves an adversary performing reconnaissance activities to understand and gather information about their target’s environment. Commonly this involves performing
Network Firewall
What do the castles of the past and networking devices have in common? Walls. However, as attacks became more sophisticated, it quickly became obvious that
Partner Message Check Point
“EDR has been a common TLA in the tech and cyber lexicon (thanks Gartner) for about 7 years, growing and evolving along the way –
Endpoint Detection and Response
It is easy to get confused in the world of cybersecurity. There is an overabundance of jargon as everyone tries to sell a service rather
Hacks – Cracking web-page authentication
Authentication pages – the first roadblock on a hacker’s route to getting access to your resources. Gone are the days of simply using a username
Common Vulnerabilities & Exposures
Vulnerability 1: Printnightmare Windows Spooler Service (9.0 Critical) Description: The Windows Spooler Service (WSS) holds a Remote Code Execution vulnerability. The WSS is used to implement the
Why is penetration testing important for your business
Do you believe your data is secure? Do you believe your IT infrastructure is safe? Are your web interfaces hardened? These are just a few
Common Vulnerabilities & Exposures June 2021
Vulnerability 1: D-Link Insufficient Credential Protection (7.2 High) Description: D-Link is affected by a credential exposure vulnerability. Credential exposure allows an attacker the ability to
Hacks – Android ADB Exploit
Smartphone devices are the most popular device in the world. Over 1.30 billion smartphones are shipped and sold every year and a further 1.32 billion
Managed Detection & Response
As businesses continue to innovate and grow, so does the complexity of cyberattacks against them. We rely on technology and information systems to run our
Brace168 News AusCERT Conference
What a week and what a thrill to be able to travel to the Gold Coast to be a part of and celebrate the 20th
Hacks – Importance of configuration management
Hackers are smart and know a lot of simple tricks to get around the cybersecurity defences that companies spend a huge amount of dollars and
Partner Message Checkpoint Breakfast
In partnership with Check Point we are very proud to have been a part of the Brace168 and Check Point executive cybersecurity breakfast and information
News U.S Colonial Fuel Pipeline Ransomware Attack
Attackers tend to target major organisations like banks, software companies, vendors & financial firms. On May 7th Colonial Pipeline got attacked. A ransomware attack had
Ransomware A Real World Incident
Late last year Brace168 was engaged to respond to a ransomware attack to conducted incident response services. The ransomware in question was a previously unknown
Common Vulnerabilities & Exposures May 2021
Vulnerability 1: UPDATED Microsoft Exchange Server RCE (9.8 Critical) Description: Microsoft Exchange Server has a new remote code execution vulnerability (RCE). These RCE’s enable an
Brace168 Products Managed Endpoint & Server Security
The one thing that makes an attacker lethal is ‘Time’. Attackers have an exorbitant amount of time when it comes to reconnaissance. This allows them
Your O365 Security Checklist
Are you about to head off for your Christmas break? This O365 security checklist might just save your skin. Microsoft Office 365 is popular because
Here are some of our musings about the Cyber Security industry.
The real question is the cost of not having a cyber security plan. We all hate paying our insurance policies. Trust me, it’s one of
