Cybersecurity Threat Advisory: Microsoft Patch Tuesday – May 2021

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory overview

Microsoft’s Patch Tuesday release for May 2021 includes a Windows update that will remediate a multitude of vulnerabilities. The update will patch 55 vulnerabilities; one is critical, 50 are important, and one is moderate. It also includes patches for three zero-day vulnerabilities that are identified below. MCP recommends updating all Windows machines to apply these patches and remediate the vulnerabilities.

MCP Launches Video Chats to Keep Clients Current on Cybersecurity Threats

Cybersecurity threats and issues are increasing and evolving continuously, seemingly at warp speed. It is difficult to keep up with it all—but it is imperative that every organization does everything possible to protect its networks, systems and devices from cyberattacks. This is especially true of organizations that provide mission-critical, life-saving services, e.g., law enforcement agencies, fire/rescue departments, emergency medical services agencies and emergency communications centers, aka 911 centers.

Cybersecurity Threat Advisory: FortiOS Vulnerabilities

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Cybersecurity Threat Advisory: Critical Microsoft Exchange Server Vulnerabilities

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory overview

Microsoft released several security updates due to targeted attacks against vulnerabilities found in Microsoft Exchange Server (versions 2013, 2016, and 2019). Though the attacks appear to be limited, Microsoft is urging the immediate updating of all affected systems to mitigate the vulnerabilities and further abuse within networking environments where Exchange servers are being used. Microsoft attributes the activity to a cyberattack group known as “Hafnium.”

Cybersecurity Threat Advisory: Apple iOS Zero-Day Vulnerabilities Exploited in Wild

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

Apple announced that it has learned of three zero-day vulnerabilities affecting its iOS (formerly iPhone operating system). One of the vulnerabilities (CVE-2021-1782) affects the system kernel, allowing for privilege escalation; the other two (CVE-2021-1870, CVE-2021-1871) are present within the system’s WebKit Safari browser, allowing for remote code execution (RCE). According to Apple, all vulnerabilities have been patched in iOS 14.4.

Cybersecurity Threat Advisory: Threat Actors Abusing Windows RDP Servers

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

The Remote Desktop Protocol (RDP) service for Microsoft Windows devices operating on User Datagram Protocol (UDP) port 3389 can be used in an amplified attack, potentially resulting a distributed denial of service (DDoS) attack on a target. A system that is involved in, or is the target of, such an attack could experience partial or total degradation in usability. It is recommended that RDP services be available exclusively via virtual private network (VPN) services. If that is impossible, then RDP via UDP port 3389 should be blocked.

The Seven Best Cybersecurity Resolutions for the New Year

Cybersecurity continues to be a persistent problem for government agencies, including those operating in the public safety and justice sectors. These entities must be constantly vigilant in their efforts to prevent breaches, a task made incredibly difficult given the ingenuity of cyberattackers, the fact that the number of attacks continues to increase at a dizzying pace, and the reality that attack vectors evolve seemingly by the hour. Nevertheless, while fighting the battle isn’t easy, it is essential.

Cybersecurity Advisory: SolarWinds Orion Compromise Updates

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

Government and private-sector organizations continue to release updates concerning a variety of topics related to the SolarWinds Orion compromise. In December, SolarWinds Orion, a prominent information technology (IT) monitoring and management solution, was compromised via a backdoor exploit by a sophisticated state-sponsored cyberattacker. The application was discovered to be communicating with unknown third-party servers through traffic deliberately designed to mimic normal activity. This compromise was highly sophisticated and affects many public and private organizations across the world.

In this article, we have provided information regarding several important SolarWinds-related developments.

2020—Year in Review

The year 2020 was fraught with challenges, most notably those generated by the COVID-19 pandemic. Public safety and justice agencies from coast to coast were forced to implement, virtually overnight, new operational strategies that became necessary because employees were unable to work in their brick-and-mortar facilities, either due to illness or various shelter-in-place orders. In some cases, agencies had to rapidly execute protective measures for those employees who could arrive at work, driven by social-distancing mandates.

Cybersecurity Threat Advisory: Egregor Ransomware

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

The ransomware-as-a-service variant “Egregor” is spiking across the cybersecurity and information technology (IT) landscape after the shutdown of the notorious Maze ransomware campaign. Some major organizations have fallen victim to the malware, including Kmart, Cencosud (a retail giant in South America), Randstad NV (the world’s largest staffing company and owner of Monster.com), and Translink (Vancouver’s bus and rail transportation system).

The ransomware has been seen hijacking printers and repeatedly printing the ransom note. In the case of retail organizations, the ransom note has been printing on consumers’ receipts at checkout. Mission Critical Partners recommends deploying advanced endpoint protection to block ransomware pre-execution.

Cybersecurity Threat Advisory: Ryuk Ransomware Activity Targeting the Healthcare and Public Health Sector

As part of our effort to inform our clients about potentially serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

MCP's Lifecycle Management Services Have Come A Long Way in Just Five Years

According to the old saying, time flies when one is having fun. The adage also applies when a new business unit is being built.

A little more than five years ago—has it really been that long?—MCP landed its first network monitoring contract, which marked the birth of our Lifecycle Management Services division. The initial concept for MCP to get involved in this business was the brainchild of Dave Boyce, with a helpful push from Brian Bark. It all started when the Pennsylvania Region 13 Task Force decided that once their Emergency Services Internet Protocol Network (ESInet) was complete, the region needed to monitor the ESInet. Because MCP subject matter experts had designed and deployed the network, Region 13 asked us for help in securing a monitoring service. The search didn’t go well. There weren’t many options, and those that were qualified to do the work were seeking fees that were markedly cost prohibitive, or they wanted to monitor only a specific network segment.

That’s when the proverbial lightbulb went on. “Maybe there’s a way that we can do this ourselves,” Dave said.