The FBI and CISA released a best practices guide for government entities in protecting VPN servers. Check the link at https://media.defense.gov/2021/Sep/28/2002863184/-1/-1/0/CSI_SELECTING-HARDENING-REMOTE-ACCESS-VPNS-20210928.PDF to see their suggestions. SecuriGov can help make sure your organization is adhering to best practices.
Author: Bill
CEO of SecuriGov
Scammers were able to forge documents and compromise email accounts to redirect a payment to the school district. The crime was undetected, and they made out with over 14% of the town’s annual budget. This emphasizes the critical nature of employee training and risk analysis. Request a quote from us to check your public threat vectors and evaluate staff training to see if you’re doing enough for your organization.
Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer.
This vulnerability is part of a class of bugs known as “PrintNightmare,” which abuses configuration settings for the Windows print spooler, print drivers, and the Windows Point and Print feature.
Microsoft released security updates in both July and August to fix various PrintNightmare vulnerabilities.
However, a vulnerability disclosed by security researcher Benjamin Delpy still allows threat actors to quickly gain SYSTEM privileges simply by connecting to a remote print server.
Today, Microsoft issued an advisory on a new Windows Print Spooler vulnerability tracked as CVE-2021-36958.
“A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations,” reads the CVE-2021-36958 advisory.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36958
We urge all agencies to patch this ASAP due to its critical nature. Patch management is an important aspect of adherence to best practices, and is one of the items we evaluate as part of our services. Contact us today for a quote to make sure your organization is adhering to best practices.
The Cybersecurity and Infrastructure Security Agency (CISA) announced new partnerships with the private sector in order to form the Joint Cyber Defense Collective (JCDC). The collective aims to establish a “shared situational awareness of the threat environment”.
The new collective will work initially on ransomware threats, followed by a focus on cloud security.
We at SecuriGov strongly urge all municipal IT departments to use the CISA website to enroll in the security briefings and to use its free resources to harden your perimeter.
The Problem with America’s Water Supplies
NBC News did a comprehensive report on the problems with modern municipal SCADA systems. A quote which all municipal leaders should take to heart is “If you could imagine a community center run by two old guys who are plumbers, that’s your average water plant.” https://www.nbcnews.com/tech/security/50000-security-disasters-waiting-happen-problem-americas-water-supplie-rcna1206
Let SecuriGov help you by analyzing your utilities and letting you know what can be done to better protect your infrastructure from attackers.