Along with the surge of people working from home or in hybrid situations over the last few years, there has also been an increase in employers looking for ways to monitor their employees’ work activities to ensure they actually ARE working when remote. This is no surprise given the new “quiet quitting” trend that has […]
Is It Illegal To Track Your Employees’ Activities When They’re Working From Home? Read More »
Original release date: August 26, 2020Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked
MAR-10257062-1.v2 – North Korean Remote Access Tool: FASTCASH for Windows Read More »
Original release date: August 26, 2020 Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is
MAR-10301706-1.v1 – North Korean Remote Access Tool: ECCENTRICBANDWAGON Read More »
Original release date: August 26, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 80, Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Read More »
Original release date: August 26, 2020Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked
MAR-10301706-2.v1 – North Korean Remote Access Tool: VIVACIOUSGIFT Read More »
Original release date: August 19, 2020 Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is
MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN Read More »
Original release date: August 17, 2020 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info apache — http_server Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE 2020-08-07 7.5 CVE-2020-11984 MLIST MLIST MLIST MLIST MLIST MISC MLIST MLIST GENTOO CONFIRM digitus — da-70254_firmware DIGITUS DA-70254 4-Port Gigabit
Vulnerability Summary for the Week of August 10, 2020 Read More »
Original release date: August 20, 2020The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The Top 25 uses data from the National Vulnerability Database (NVD) to compile the most frequent
2020 CWE Top 25 Most Dangerous Software Weaknesses Read More »
Original release date: August 14, 2020This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic Application (VBA)
Phishing Emails Used to Deploy KONNI Malware Read More »
