by Scott Muniz | Jul 8, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:
by Scott Muniz | Jul 7, 2021 | Security
This article was originally posted by the FTC. See the original article here.
While American servicemembers stand ready to defend the nation, small-time scammers and large corporations alike have them in their sights. They follow the money — and they know that military personnel get a steady paycheck and valuable benefits from Uncle Sam. And the eventual transition back to civilian life gives the scammers even more opportunities to target the troops.
For instance, the FTC uncovered that the University of Phoenix (UOP), a massive for-profit university, targeted servicemembers and veterans, among others, by luring them with false promises. Under a settlement reached with the company, UOP paid $50 million in cash and canceled $141 million in debts owed to the school. In another FTC enforcement action, Career Education Corporation was required to return $30 million to students after its agents recruited patriotic Americans using phony government websites like “Army.com” and “NavyEnlist.com” — a ruse to get students in the door. These cases show that you can’t always trust slick websites, or schools that are eager to get you enrolled.
Earlier this year, Congress closed the so-called “90/10” loophole, which gave predatory schools an incentive to target veterans. But enforcers must continue to be vigilant. The FTC works closely with the Department of Veterans Affairs (VA) and refers unfair or deceptive practices to the VA as our investigations uncover them. Schools that prey on veterans should understand that they will face not only enforcement actions by the FTC but also the loss of eligibility for GI and Title IV funds.
There are tools to help veterans, servicemembers, and all kinds of students navigate the education marketplace and blow the whistle on bad actors. If you have a federal student loan and feel like a school misled you or broke the law, apply for loan forgiveness through the Department of Education’s (ED’s) Borrower Defense to Repayment procedures. If you’re getting started (or re-started), ED’s Opportunity Centers are designed to help prospective students (including people of modest means, first-generation college students, and veterans) apply for admission to college and arrange for financial aid and loans. Find one near you. Servicemembers: talk with your Personal Financial Manager to get hands-on help with your next steps. And vets can call the VA’s GI Bill Hotline to discuss questions about education benefits: 1-888-GIBILL (1-888-442-4551), or visit the VA site to learn more.
If you see deceptions like these — during Military Consumer Month, and every month — protect the military and veteran communities by reporting it. Use the VA’s feedback tool to file a complaint about a school and let the FTC know at ReportFraud.ftc.gov.
by Scott Muniz | Jul 7, 2021 | Security, Technology
CISA continues to respond to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. Kaseya has released guidance specifically for customers returning to their VSA software-as-a-service (SaaS) instance after the Kaseya SaaS servers are brought back online. Note: See Kaseya’s Security Notice for the status of their SaaS servers being brought back online.
CISA strongly recommends SaaS Kaseya customers read and implement Kaseya’s VSA SaaS Best Practices, published in Kaseya’s Security Notice, before returning to their Kaseya VSA SaaS instance. These mitigations include:
- Review system configurations to confirm administrative user accounts leverage multi-factor authentication (MFA). Note: Kaseya enables MFA by default.
- Implement:
  - The principle of least privilege for administrative accounts on key network resources. Restrict VSA SaaS instances to authorized users based on the principle of least privilege.
  - Network segmentation between the SaaS and on-premises environments.
  - Allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network.
- Configure logging to ensure that all Kaseya SaaS product audit logs (including System logs and Remote Control/Live Connect VSA logs) and associated network logs are captured and stored, for at least 180 days, in a separate, centralized log aggregation capability.
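The allowlisting mitigation above, as an added example that is not code from CISA or Kaseya: a PowerShell script for a Windows host that exposes an RMM administrative interface. It creates a Windows Defender Firewall rule admitting only known source addresses, confirms that each firewall profile still drops other inbound traffic by default, and lists any other enabled inbound allow rule that leaves the port open to Any remote address (which would silently undo the allowlist). The port (TCP 443), the rule name and the two source addresses (taken from the RFC 5737 documentation range) are placeholders; substitute the organisation's real admin VPN or jump-host egress addresses.

```powershell
#Requires -RunAsAdministrator
# Added example, not Kaseya's or CISA's code. Placeholders: the RMM admin interface
# is assumed to listen on TCP 443 on this host; the two source IPs are from the
# RFC 5737 documentation range and stand in for the real admin VPN egress addresses.
$RmmPort        = 443
$AllowedSources = @('198.51.100.10', '198.51.100.11')
$RuleName       = 'RMM-Admin-Allowlist'

function Set-RmmAllowlistRule {
    param([int]$Port, [string[]]$Sources, [string]$Name)
    # Remove any earlier copy so the script is idempotent, then create the scoped allow rule.
    Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue | Remove-NetFirewallRule
    New-NetFirewallRule -DisplayName $Name -Direction Inbound -Protocol TCP -LocalPort $Port `
        -RemoteAddress $Sources -Action Allow -Profile Any | Out-Null
}

function Test-DefaultInboundBlock {
    # A scoped allow rule only helps if everything else on the port is still dropped.
    # NotConfigured inherits the built-in default, which is Block.
    $open = Get-NetFirewallProfile |
        Where-Object { $_.DefaultInboundAction -notin @('Block', 'NotConfigured') }
    return ($null -eq $open)
}

function Find-BroadInboundRules {
    param([int]$Port, [string]$ExcludeName)
    # Enabled inbound allow rules that cover the RMM port (or all ports) from Any address.
    # Port ranges such as "1024-65535" are not parsed here; review those by hand.
    $broad = @()
    $rules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        Where-Object { $_.DisplayName -ne $ExcludeName }
    foreach ($rule in $rules) {
        $portFilter = $rule | Get-NetFirewallPortFilter
        $addrFilter = $rule | Get-NetFirewallAddressFilter
        $protocolMatch = $portFilter.Protocol -in @('TCP', 'Any')
        $portMatch     = ($portFilter.LocalPort -eq 'Any') -or (@($portFilter.LocalPort) -contains "$Port")
        $anySource     = ($addrFilter.RemoteAddress -eq 'Any')
        if ($protocolMatch -and $portMatch -and $anySource) { $broad += $rule.DisplayName }
    }
    return $broad
}

Set-RmmAllowlistRule -Port $RmmPort -Sources $AllowedSources -Name $RuleName

if (-not (Test-DefaultInboundBlock)) {
    Write-Warning 'A firewall profile allows inbound traffic by default; the allowlist is not effective.'
}
$leaks = @(Find-BroadInboundRules -Port $RmmPort -ExcludeName $RuleName)
if ($leaks.Count -gt 0) {
    Write-Warning ("Rules still exposing TCP {0} to Any: {1}" -f $RmmPort, ($leaks -join ', '))
} else {
    Write-Output ("TCP {0} is reachable only from: {1}" -f $RmmPort, ($AllowedSources -join ', '))
}
```

The script deliberately does not add an explicit Block rule for the port: in Windows Defender Firewall, block rules take precedence over allow rules, so such a rule would also shut out the allowed sources. Relying on the profile's default inbound action, and auditing for competing allow rules, is the pattern that actually yields "known addresses only".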
For additional information about this incident, see the White House statement and the joint CISA-FBI guidance.
by Scott Muniz | Jul 6, 2021 | Security, Technology
Microsoft has released out-of-band security updates to address a remote code execution (RCE) vulnerability—known as PrintNightmare (CVE-2021-34527)—in the Windows Print Spooler service. According to the CERT Coordination Center (CERT/CC), “The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system.”
The updates are cumulative and contain all previous fixes as well as protections for CVE-2021-1675. The updates do not include Windows 10 version 1607, Windows Server 2012, or Windows Server 2016—Microsoft states updates for these versions are forthcoming. Note: According to CERT/CC, “the Microsoft update for CVE-2021-34527 only appears to address the Remote Code Execution (RCE via SMB and RPC) variants of the PrintNightmare, and not the Local Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU #383432 for workarounds for the LPE variant.
CISA encourages users and administrators to review the Microsoft Security Updates as well as CERT/CC Vulnerability Note VU #383432 and apply the necessary updates or workarounds. For additional background, see CISA’s initial Current Activity on PrintNightmare.
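As an added example that is not code from CISA, CERT/CC or Microsoft: a read-only PowerShell posture check for the workarounds the advisories point to, useful on hosts where the out-of-band update is not yet available (the article notes Windows 10 version 1607, Windows Server 2012 and Windows Server 2016 were still waiting) or where the LPE variant remains after patching. It reads the Print Spooler service state and the policy registry values behind "Allow Print Spooler to accept client connections" and Point and Print, then reports which workaround is in place. The registry value names are Microsoft's documented policy values; the pass/fail thresholds are this example's own reading of the guidance, and the remediation commands appear only as comments so an operator chooses them deliberately.

```powershell
# Added example, not code from CISA, CERT/CC or Microsoft. Read-only posture check
# for the PrintNightmare workarounds; remediation commands are in comments only.
$PrintersPolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
$PointAndPrintKey  = "$PrintersPolicyKey\PointAndPrint"

function Get-PolicyDword {
    param([string]$Key, [string]$Name)
    # Returns the DWORD value, or $null when the key or value does not exist
    # (an absent value means "not configured", so the OS default applies).
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$Name
}

function Get-PrintNightmarePosture {
    $spooler      = Get-Service -Name Spooler -ErrorAction SilentlyContinue
    $remoteRpc    = Get-PolicyDword -Key $PrintersPolicyKey -Name 'RegisterSpoolerRemoteRpcEndPoint'
    $noWarning    = Get-PolicyDword -Key $PointAndPrintKey  -Name 'NoWarningNoElevationOnInstall'
    $updatePrompt = Get-PolicyDword -Key $PointAndPrintKey  -Name 'UpdatePromptSettings'

    $status    = 'NotInstalled'
    $startType = 'NotInstalled'
    if ($spooler) {
        $status    = "$($spooler.Status)"
        $startType = "$($spooler.StartType)"
    }

    # Workaround 1 (covers the RCE and LPE variants): service stopped and disabled.
    $spoolerDisabled = ($null -eq $spooler) -or
        ($spooler.Status -eq 'Stopped' -and $spooler.StartType -eq 'Disabled')

    # Workaround 2 (remote attack surface only): Group Policy
    # "Allow Print Spooler to accept client connections" set to Disabled,
    # which Windows stores as RegisterSpoolerRemoteRpcEndPoint = 2.
    $remoteClientsBlocked = ($remoteRpc -eq 2)

    # Point and Print: Microsoft's advisory requires both values to be 0 or absent;
    # otherwise non-administrators can install printer drivers without a prompt.
    $pointAndPrintSafe = (($null -eq $noWarning) -or ($noWarning -eq 0)) -and
        (($null -eq $updatePrompt) -or ($updatePrompt -eq 0))

    [pscustomobject]@{
        SpoolerStatus        = $status
        SpoolerStartType     = $startType
        SpoolerDisabled      = $spoolerDisabled
        RemoteClientsBlocked = $remoteClientsBlocked
        PointAndPrintSafe    = $pointAndPrintSafe
    }
}

$posture = Get-PrintNightmarePosture
$posture | Format-List

if (-not $posture.SpoolerDisabled) {
    if (-not $posture.RemoteClientsBlocked) {
        Write-Warning 'Print Spooler is running and accepts remote clients: apply the update or a workaround.'
    }
    if (-not $posture.PointAndPrintSafe) {
        Write-Warning 'Point and Print allows non-admin driver installs; reset both values to 0.'
    }
}

# Workaround 1, for hosts that never print (this stops local printing as well):
#   Stop-Service -Name Spooler -Force
#   Set-Service  -Name Spooler -StartupType Disabled
# Workaround 2, for clients that must keep printing locally:
#   New-Item -Path $PrintersPolicyKey -Force | Out-Null
#   Set-ItemProperty -Path $PrintersPolicyKey -Name RegisterSpoolerRemoteRpcEndPoint -Value 2 -Type DWord
#   Restart-Service -Name Spooler
```

Run it across a fleet with your usual remoting tooling and collect the objects: hosts reporting SpoolerDisabled = False and RemoteClientsBlocked = False are the ones still exposing the RCE surface, and per the CERT/CC note, disabling the service is the only workaround listed that also closes the LPE variant.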