Cybersecurity Threat Advisory: Microsoft Critical Remote Code Execution Vulnerability

Advisory Overview

The Cybersecurity and Infrastructure Security Agency (CISA), a unit of the Department of Homeland Security (DHS), has issued an alert regarding an advisory released by Microsoft concerning a critical remote code execution vulnerability.

Cybersecurity Threat Advisory: ‘Dirty Pipe’ Linux Vulnerability Provides Easy Privilege Escalation

Advisory Overview

Security researchers discovered and released information to the public regarding new vulnerabilities and kernel-level exploits. The vulnerabilities — CVE-2022-049 and CVE-2022-0847 — are two of the highest-severity exploits and affect out-of-date Linux distributions, aka “distros.”

Cybersecurity Threat Advisory: Heightened Threat Activity Expected as Global Conflicts Intensify

Advisory Overview

This week there is a new critical alert that requires the mission-critical community’s immediate attention. As tensions continue to rise between Russia and Ukraine, cyberattackers have targeted the Ukrainian government and other Ukrainian organizations.

Cybersecurity Threat Advisory: Continued Log4j Scanning Activity

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Cybersecurity Threat Advisory: Critical Java Zero-Day Vulnerability

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

A critical remote code vulnerability has emerged in Log4j, a Java logging package that is used in numerous software products and platforms from organizations like Apache, Apple, Twitter, Tesla, and Steam. This vulnerability impacts almost every Java application that writes logs using this library. Apache has released a patch for this vulnerability, which is being tracked as CVE-2021-44228. MCP recommends applying this patch immediately to protect your organization.

Cybersecurity Threat Advisory: Fortinet and Microsoft Exchange Vulnerability Exploits

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Cybersecurity Threat Advisory: BlackMatter Ransomware

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Cybersecurity Threat Advisory: Disguised Windows Files and Documentation

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Today there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

Security researchers have discovered recent attempts by cyberattackers to infect machines with malicious Microsoft Word documents containing VBA macros and JavaScript — their goal is to plant a backdoor and create persistence. These documents are disguised as documentation or information related to the new Windows 11 Alpha release to entice users into interacting. The key recommendation to remediate the threat is to block the indicators of compromise (IOCs) identified in this advisory.

Implementing a Cybersecurity Training Program is the First Line of Defense

Cybersecurity has become a huge problem for any organization that is operating networks and/or systems, but especially so for those in the government sector, particularly public-safety and justice agencies.

Are Cloud-Based Solutions Right for Your Agency?

A lot of people in the public safety/justice/public sector sectors are talking about cloud-based solutions these days. It is easy to understand why there is so much chatter because solutions that live in the cloud offer some impressive benefits. Here are just a few:

• Cloud-based solutions typically offer best-of-breed technologies and services
• Cloud-based solutions remove the maintenance and upgrade burden from the end user from a technology perspective
• Cloud-based solutions often make it easier to share resources regionally or even broader compared with siloed, on-premises solutions
• Cloud-based solutions typically offer enhanced resiliency and redundancy compared with on-premises solutions
• Cloud-based solutions often make it easier for agencies to transfer operations to another location in “bug out” scenarios
• Cloud-based solutions are easier and faster to scale —both up and down, based on the agency’s needs at any given juncture — compared with on-premises solutions
• Cloud-based solutions typically are more secure, because providers often have greater information technology and cybersecurity resources and assets to draw upon

Cybersecurity Threat Advisory: LockBit Ransomware

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Cybersecurity Threat Advisory: Cisco Releases Patches for Multiple Security Vulnerabilities

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.