Pantropic Newsletter #30

Posted April 10, 2024

by Sarah



 




Pantropic Newsletter #30 (March 2024)

Fortinet Warns of Yet Another Critical RCE Flaw

 

Fortinet has sounded the alarms once again after discovering and promptly patching a perilous remote code execution vulnerability in its FortiClient Enterprise Management Server. Designated CVE-2024-48788, the critical flaw could allow nefarious, unauthenticated attackers to execute arbitrary malicious code with system administrator privileges on vulnerable systems simply by crafting specialized requests. Consequently, Fortinet urgently advises organizations to quickly upgrade affected versions to the newly patched release due to the flaw’s alarmingly high severity rating of 9.8 out of 10.

(Source: Dark Reading)


Microsoft Reveals Cause of Widespread Windows Server Issue

 

In a concerning development, Microsoft has acknowledged the presence of a critical memory leak vulnerability within its March 2024 Windows Server security updates. This flaw has triggered widespread domain controller crashes across various Windows Server versions from 2012 R2 through the latest 2022 release. Reportedly, the underlying culprit is an issue with the Local Security Authority Subsystem Service (LSASS) process, which has inexplicably caused affected servers to unexpectedly freeze and restart repeatedly. However, Microsoft has assured users that a remedy is actively being developed and will be available in the coming days.

(Source: Techradar)


IT Helpdesk Workers Increasingly Targeted by Cybercriminals

 

In an alarming trend researchers are calling the most noteworthy of the past year, cybercriminals have increasingly set their sights on an unlikely target: IT helpdesk workers. Through scheming phishing tactics, these threat actors are duping helpdesk staff into unwittingly resetting passwords, enabling multi-factor authentication overrides, and granting the attackers access to organizational accounts. As this campaign escalates, security experts urgently recommend implementing stringent identity verification measures to strengthen helpdesk interactions and thwart these increasingly prevalent attacks.

(Source: The Register)


Singapore Sting: How Russia Listened In on German General

 

Russia allegedly carried out a spying operation by intercepting and leaking an audio recording of a highly sensitive conversation between senior German Air Force officers. The illicit eavesdropping reportedly occurred during a late-night call at a Singapore hotel, capturing the officials candidly discussing sensitive military matters. However, German authorities attribute this security breach to human error, asserting that one of the participants carelessly dialed in over an insecure line, enabling Russian intelligence to listen in without being detected.

(Source: Yahoo! Singapore)


Sacramento Law Firm Targets Lantech and Acronis in $1M Lawsuit Over Ransomware Attack

 

In a high-stakes legal battle, the Sacramento-based Mastagni Holstedt law firm has launched a $1 million lawsuit against cybersecurity firms Lantech and Acronis. This drastic action comes after the firm fell victim to a crippling ransomware attack perpetrated by the Black Basta hacking group. Despite contracting Lantech’s services, the firm alleges that unresolved connectivity issues and the deletion of cloud backups under Acronis’s management culminated in a devastating outage, loss of critical data, and ultimately a coerced ransom payment. As this formidable case unfolds, it underscores the grave risks businesses face and the potential legal repercussions of cybersecurity failures.

(Source: BNN)


Backup and Data Security Solutions

ATEGO® ENTERPRISE

This “white glove” managed service is the next-generation secure offsite backup you need right now. We monitor your backups daily, help you troubleshoot any problems, and can assist you with restorations when you need them. Our Data Security Module can perform bi-directional anti-malware scans, content disarm and reconstruction (CDR), and protect your backups with biometric Deep MFA and multi-person workflow, crucial in stopping stolen credential attacks.

CRASHPLAN

Leading desktop and laptop backup solution providing automated and continuous data backup protection with unlimited capacity backup licensing and flexible deployment options. Ensures fast and complete backup and recovery anytime, anywhere.

CROWDSTRIKE FALCON

A next-generation endpoint protection platform using AI and machine learning to effectively stop breaches including true NGAV, endpoint detection and response (EDR), threat intelligence management and automation.

KNOWBE4 

World’s largest security awareness training platform with simulated phishing attacks, educating and empowering employees to strengthen IT security against cybercriminals.


Copyright © 2024 Pantropic Online Pte Ltd. All rights reserved.