As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
Topics: Cybersecurity, Network Management
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
Today there is a new critical alert that requires the mission-critical community’s immediate attention.
Security researchers have discovered recent attempts by cyberattackers to infect machines with malicious Microsoft Word documents containing VBA macros and JavaScript — their goal is to plant a backdoor and create persistence. These documents are disguised as documentation or information related to the new Windows 11 Alpha release to entice users into interacting. The key recommendation to remediate the threat is to block the indicators of compromise (IOCs) identified in this advisory.
Microsoft released a mitigation for a vulnerability that exists in the Windows 10 operating system that can be exploited against Office 365 and Office 2019. Identified as CVE-2021-40444, this vulnerability could allow attackers to execute arbitrary code on a device if exploited. Because Microsoft Office is used and trusted by millions worldwide, attackers potentially could launch very-large-scale attacks; accordingly, this vulnerability has a severity rating of 8.8 out of 10. Recommendations from Mission Critical Partners to prevent devices from becoming susceptible to this vulnerability are below.
Topics: Cybersecurity
In my previous blog on cybersecurity, I provided a high-level perspective on the cybersecurity environment for justice organizations today. I noted that the environment is worrisome — it is a virtual certainty that cyberattackers, at this very moment, are looking for a way to infiltrate your organization’s networks and systems.
But I promised a progression (crawl, walk, run) that you can employ immediately to quickly begin thwarting cyberattackers and protecting your networks and systems, as well as the critical data and applications that run on them. This strategy is based on industry best practices and thought leadership to which MCP has actively contributed.[1]
Cybersecurity has become a huge problem for any organization that is operating networks and/or systems, but especially so for those in the government sector, particularly public-safety and justice agencies.
A lot of people in the public safety/justice/public sector sectors are talking about cloud-based solutions these days. It is easy to understand why there is so much chatter because solutions that live in the cloud offer some impressive benefits. Here are just a few:
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Advisory overview
Qualys’s research team discovered a pair of vulnerabilities in the Linux operating system (OS). While one is a local privilege escalation (LPE) vulnerability, the other is a stack-exhaustion, denial-of-service (DOS) vulnerability in the system. Both can be exploited by an unauthorized user. Both vulnerabilities affect an integral part of the Linux operating system, which increases the need for remediation. A patch has been released for both vulnerabilities and should be immediately applied.
Topics: Cybersecurity
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new alert that requires the mission-critical community’s immediate attention.
Last week, security researchers mistakenly published proof-of-concept (PoC) exploit code, which has since been dubbed “PrintNightmare.” The vulnerability exploits a critical flaw in Microsoft’s print spooler service. Microsoft has issued out-of-band security updates to address the flaw and has rated it as critical as attackers can remotely execute code with system-level privileges on affected machines.
Topics: Cybersecurity
Earlier this year, we ramped up our cybersecurity efforts by launching a series of monthly video chats in which we summarize the most recent threats, share information from entities such as the Federal Bureau of Investigation (FBI) and the Cybersecurity Infrastructure Security Agency (CISA), and offer tips for preventing cyberattacks and mitigating them if they occur. This month’s Cyberchat video, which can be viewed below, contains some important information that public-sector and critical infrastructure agencies need to have.
Double-encryption ransomware attacks, which typically include cyberattackers encrypting a target’s data twice, at the same time or shortly after each other, are on the rise. In this month’s video, we explore how agencies can mitigate the risk of a double-encryption attack and begin the rebuilding process if one occurs.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
How can we support your mission? From design and procurement to building and management, our national team of experts is here to help…because the mission matters.
A: 690 Grays Woods Blvd., Port Matilda, PA 16870
P: 888.862.7911
