NETSYNTROPY

05/25/2022

Time to make sure that you are not allowing macros to execute by default on office apps.

BleepingComputer: PDF smuggles Microsoft Word doc to drop Snake Keylogger malware.

Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware.

01/01/2022

Happy new year!

12/23/2021

Need a log4j scanner? Check out this one.

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities. ...

11/22/2021

Looking to learn more about zero trust, start by reading this excellent article on Dark Reading:

Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.

10/04/2021

Another high profile tech outage just hours after a CNN interview with a Facebook whistle blower.

October 4, 2021 3 Comments Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell com...

09/27/2021

Ever wonder if your data closets and server room doors are secure?

https://www.covertinstruments.comThis video was shot at the Red Team Alliance east coast training facility, where both government and civilian specialists le...

09/15/2021

If you are running Citrix or other remote worker systems this patch should be on the top of your list to remediate. Should should also consider removing chrome browser and use Edge instead.

08/22/2021

If you are using Active Directory certificate services check this out

https://isc.sans.edu/forums/diary/Active+Directory+Certificate+Services+ADCS+PKI+domain+admin+vulnerability/27668/

08/19/2021

Four of the most targeted vulnerabilities in 2020 affected remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options challenging the ability of organizations to conduct rigorous patch management.

Mitigations and Indicators of Compromise
One of the most effective best practices to mitigate many vulnerabilities is to update software versions once patches are available and as soon as is practicable. If this is not possible, consider applying temporary workarounds or other mitigations, if provided by the vendor. If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest number of potential attackers (such as internet-facing systems). This advisory highlights vulnerabilities that should be considered as part of the prioritization process. To further assist remediation, automatic software updates should be enabled whenever possible.

Information Security Consulting with Limitless Potential IT Security Assessments and Project Services to Managed Services, our experts are here to help. LET'S TALK WHAT WE DO...We offer a variety of services to our clients including IT SECURITY ASSESSMENTS Pe*******on Testing Threat Hunting NIST pub...

08/19/2021

Netsyntropy, where process and technology helps you Outsmart Chaos.