NETSYNTROPY
IT Security Assessments, Project Services to Managed Services, our experts are here to help
05/25/2022
Time to make sure that you are not allowing macros to execute by default on Office apps.
BleepingComputer: PDF smuggles Microsoft Word doc to drop Snake Keylogger malware. Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware.
01/01/2022
Happy new year!
12/23/2021
Need a log4j scanner? Check out this one.
GitHub - cisagov/log4j-scanner: log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
11/22/2021
Looking to learn more about zero trust? Start by reading this excellent article on Dark Reading:
Zero Trust: An Answer to the Ransomware Menace? Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
10/04/2021
Another high-profile tech outage just hours after a CNN interview with a Facebook whistleblower.
What Happened to Facebook, Instagram, & WhatsApp? – Krebs on Security, October 4, 2021. Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell com...
09/27/2021
Ever wonder if your data closets and server room doors are secure?
[979] Reaching UNDER a Door To Open It? (With Deviant Ollam) https://www.covertinstruments.com This video was shot at the Red Team Alliance east coast training facility, where both government and civilian specialists le...
If you are running Citrix or other remote worker systems, this patch should be at the top of your list to remediate. You should also consider removing the Chrome browser and using Edge instead.
If you are using Active Directory Certificate Services, check this out:
https://isc.sans.edu/forums/diary/Active+Directory+Certificate+Services+ADCS+PKI+domain+admin+vulnerability/27668/
08/19/2021
Four of the most targeted vulnerabilities in 2020 affected remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options challenging the ability of organizations to conduct rigorous patch management.
Mitigations and Indicators of Compromise
One of the most effective best practices to mitigate many vulnerabilities is to update software versions once patches are available and as soon as is practicable. If this is not possible, consider applying temporary workarounds or other mitigations, if provided by the vendor. If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest number of potential attackers (such as internet-facing systems). This advisory highlights vulnerabilities that should be considered as part of the prioritization process. To further assist remediation, automatic software updates should be enabled whenever possible.
NetSyntropy: Information Security Consulting with Limitless Potential. IT Security Assessments and Project Services to Managed Services, our experts are here to help. What we do: we offer a variety of services to our clients, including IT security assessments, penetration testing, threat hunting, NIST pub...
Netsyntropy, where process and technology help you Outsmart Chaos.
Address
Irvine, CA
92612