As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Advisory overview
Qualys’s research team discovered a pair of vulnerabilities in the Linux operating system (OS). While one is a local privilege escalation (LPE) vulnerability, the other is a stack-exhaustion, denial-of-service (DOS) vulnerability in the system. Both can be exploited by an unauthorized user. Both vulnerabilities affect an integral part of the Linux operating system, which increases the need for remediation. A patch has been released for both vulnerabilities and should be immediately applied.
Topics: Cybersecurity
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new alert that requires the mission-critical community’s immediate attention.
Last week, security researchers mistakenly published proof-of-concept (PoC) exploit code, which has since been dubbed “PrintNightmare.” The vulnerability exploits a critical flaw in Microsoft’s print spooler service. Microsoft has issued out-of-band security updates to address the flaw and has rated it as critical as attackers can remotely execute code with system-level privileges on affected machines.
Topics: Cybersecurity
Earlier this year, we ramped up our cybersecurity efforts by launching a series of monthly video chats in which we summarize the most recent threats, share information from entities such as the Federal Bureau of Investigation (FBI) and the Cybersecurity Infrastructure Security Agency (CISA), and offer tips for preventing cyberattacks and mitigating them if they occur. This month’s Cyberchat video, which can be viewed below, contains some important information that public-sector and critical infrastructure agencies need to have.
Double-encryption ransomware attacks, which typically include cyberattackers encrypting a target’s data twice, at the same time or shortly after each other, are on the rise. In this month’s video, we explore how agencies can mitigate the risk of a double-encryption attack and begin the rebuilding process if one occurs.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
Having attended dozens of educational conferences over the decade that I served as editor-in-chief of Urgent Communications and Fire Chief magazines, I know an excellent one when I see it—and I can report without fear of contradiction that the second-annual Conference for Advancing Public Safety (CAPS)—being presented by Mission Critical Partners (MCP) on June 15-16—is shaping up to be an excellent educational event.
Cyberattacks should be on the radar of every agency in the public-safety/justice community. One of the most prevalent attacks involves ransomware, which is a specific type of malware that cyberattackers use to exploit a system vulnerability and then launch a program that encrypts the organization’s data files, essentially locking them and rendering them unusable. The cyberattacker then demands a ransom—hence the name—to provide the key that unlocks the files.
Network and system endpoints, i.e., workstations and servers, are the most vulnerable network and system elements because they directly interface with the applications that we use. Those applications act as gateways into those endpoints and thus are used by cyberattackers to deliver the malware that will enable them to carry out their nefarious missions. This is especially true of ransomware, which targets files and data that are accessible on or from those endpoints. The cyberattacker’s goal is to gain access and control of as many endpoints as possible.
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Advisory overview
Microsoft’s Patch Tuesday release for May 2021 includes a Windows update that will remediate a multitude of vulnerabilities. The update will patch 55 vulnerabilities; one is critical, 50 are important, and one is moderate. It also includes patches for three zero-day vulnerabilities that are identified below. MCP recommends updating all Windows machines to apply these patches and remediate the vulnerabilities.
Posted by Mike Beagles
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Hacker group UAS recently had 1.3 million Remote Desktop Protocol (RDP) credentials, i.e., usernames and passwords, for Windows servers leaked by security researchers. The compromised credentials could allow a cyberattacker to log into a compromised RDP server. It is imperative to apply best security practices when handling Windows RDP servers, to prevent cyberattackers from accessing confidential information and granting more insight into a network. Such practices include a strong password policy and ensuring that RDP in not open to the internet.
Topics: Cybersecurity, IT and Network Support
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
A constant in the public safety community is that agencies, no matter where they are located, inevitably will encounter a crisis that will affect, or even disrupt, their operations. Hurricanes, wildfires, tornadoes, hazardous materials spills, cyberattacks, network outages and system failures—even a pandemic every century or so—can wreak havoc on an agency’s mission-critical operations. Consequently, it is imperative that every public safety agency has a crisis preparedness plan. This is particularly true of emergency communications centers that field 911 calls from the public and then dispatch the appropriate emergency response.
How can we support your mission? From design and procurement to building and management, our national team of experts is here to help…because the mission matters.
A: 690 Grays Woods Blvd., Port Matilda, PA 16870
P: 888.862.7911
