SMS Routing Company Syniverse Discloses Breach Spanning 5 Years Syniverse claims to be “the world’s most connected company” serving so many large telecommunication companies that it should be assumed that your provider is one of their customers. Their reach is significant, acting as the intermediary for text messages between carriers and routing calls between networks. The … [Read more...]
Azure Linux VMs Vulnerable Due to Pre-Installed Agents
Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI agent cannot be installed on the image. We recommend reviewing the additional guidance Microsoft published on September 16th, 2021 for securing the OMI affected resources/tools. Original Post … [Read more...]
The PrintNightmare Saga Continues to Frustrate System Administrators
Update 1: Third PrintNightmare CVE published (July 16th, 2021): Microsoft published CVE-2021-34481 on July 15th for a local privilege escalation vulnerability. The third Print Spooler service vulnerability is considered separate from PrintNightmare (CVE-2021-34527), but it is still within a similar sphere of printer driver vulnerabilities. Gentilkiwi, the author of … [Read more...]
Exchange Server Vulnerabilities Actively Exploited in the Wild
(Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another widespread campaign targeting Exchange servers. It has been found that a state-sponsored threat actor operating out of China, which they are … [Read more...]
SolarWinds Catch-Up
Swift new developments have continued to pour out on the SolarWinds breach. Under normal circumstances it is difficult to keep up to date on the news and especially so with a story that continues to grow. Nevertheless, the Threat Lab team at WatchGuard has been keeping an eye out on the latest updates. Beyond the major players such as FireEye, Microsoft, CISA, and SolarWinds, … [Read more...]
