Your Cyber Defenses Can Always Be Better
Protect your organization from cyber threats with NIST’s Cybersecurity Framework. This customizable tool helps improve your security posture.
In today’s digital age, cybersecurity is more important than ever. The rise of the internet and the increasing reliance on technology have led to a greater need for effective cybersecurity measures. Unfortunately, cyber threats are constantly evolving, making it difficult for businesses and organizations to keep up. This is where the National Institute of Standards and Technology (NIST) comes in. NIST provides a framework that can help businesses and organizations improve their cyber defenses.
What is NIST?
NIST is a non-regulatory agency of the United States Department of Commerce. Its mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology. One of NIST’s key functions is to develop and promote cybersecurity standards and best practices. NIST is a leader in cybersecurity research and development, and its …
5 Critical VMware ESXi Vulnerabilities
An alert has been issued: five security vulnerabilities could lead to major issues for VMware ESXi customers, including command execution and DoS. VMware has issued a critical security update for its ESXi customers. Exploitation of these vulnerabilities could give hackers access to virtual machine environments.
VMware suggested that patching ESXi servers immediately is your best option, but you could also remove USB controllers from your VMs as a workaround. However, according to the advisory, “that may be infeasible at scale and does not eliminate the potential threat like patching does.”
Noted Vulnerabilities
- CVE-2021-22040: Use-after-free vulnerability in XHCI USB controller (CVSS 8.4)
- CVE-2021-22041: Double-fetch vulnerability in UHCI USB controller (CVSS 8.4)
- CVE-2021-22042: ESXi ‘settingsd’ unauthorized access vulnerability (CVSS 8.2)
- CVE-2021-22043: ESXi ‘settingsd’ TOCTOU vulnerability (CVSS 8.2)
- CVE-2021-22050: ESXi slow HTTP POST denial of service vulnerability (CVSS 5.3)
VMware has said that they haven’t seen any attacks in the …
How To Install LetsEncrypt SSL Certificates On Omada Controller
In this tutorial you will learn how to install LetsEncrypt SSL certificates for your Omada Controller hosted on Ubuntu 20.04.
Introduction
Omada Controller, TP-Link’s management interface for EAP devices, naturally becomes a crucial platform that benefits significantly from enhanced security measures.
In this tutorial, we will guide you through a detailed, step-by-step process of integrating Let’s Encrypt SSL certificates into your Omada Controller setup. Whether you’re a seasoned network administrator or a newbie just dipping your toes into network security, this guide is tailored to provide clarity and simplicity.
Let’s embark on this journey together, ensuring a safer and more secure Omada Controller experience for you!
Step 1: Generate Certificate
- First, install and refresh the core for snap:
sudo snap install core; sudo snap refresh core
- Next, install certbot:
sudo snap install --classic certbot
- Create a symbolic link for certbot:
sudo ln -s /snap/bin/certbot /usr/bin/certbot
- Generate the certificate:
sudo certbot certonly --standalone --preferred-challenges http
How To Configure Unifi Controller 7.0.22 UDM-PRO Security Settings
In this tutorial you will learn how to configure your Unifi Controller 7.0.22 Network Security Settings so you can properly secure your networks. In this tutorial I will be utilizing a Unifi UDM-Pro on controller version 7.0.22.
Key Knowledge
- GeoIP Filtering is a technology that can block web traffic from entire countries and can be an effective way to stop hackers from attacking your business. As the name suggests, it blocks network connections based on geographic location, which it determines from IP addresses. This can then be used to filter and prevent both outgoing and incoming connections to and from your network.
- An Intrusion Prevention System (IPS) is a type of engine that identifies malicious traffic by checking the signatures. The signatures contain known traffic patterns or instruction sequences used by malware. This type of signature-based engine can only detect anomalies based on known malicious traffic patterns.
- An Intrusion
Hackers Exploiting Cisco RV VPN Routers
Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, get access to customer data, and conduct DDoS attacks.
Why are they even still used? Well, the RV series of VPN appliances is affordable and functional. They can easily connect remote workers to a company network with no hassle. Each appliance has a built-in firewall, VPN, encryption, and authentication features.
Cisco disclosed 15 vulnerabilities affecting their RV product line this week. Some of the bugs can be exploited alone, but others can be chained together to lead to a variety of bad outcomes. These issues remain unpatched at the time of writing.
According to Cisco, the bugs affect products that the company makes. Cisco’s advisory said: “An attacker could exploit these vulnerabilities by sending malicious packets to the affected systems.”
- Execute arbitrary
How To Configure Unifi UDM Pro Controller 7.0.22 VPN Access
In this tutorial you will learn how to configure a Unifi UDM Pro Controller 7.0.22 VPN access. I will take you through the process of configuring a VPN Connection and a VPN user on Unifi Controller version 7.0.22 on your UDM Pro and then we will finish with configuring the Windows 11 VPN client.
Let’s start by logging into your UDM PRO Controller 7.0.22.
- Click on Settings
- Now click on VPN
- For VPN Server, make sure it’s enabled.
- For Pre-shared Key, you can use the default or type your own.
- For Server Address, choose either the WAN port or set a static IP address manually. I will be using (WAN1).
- Now under User Authentication, click on Create a new user.
- You should now see a popup to enter a username and password; afterwards, click on the Create User button. Create additional user accounts that you wish to provide
How To Install And Configure Windows Server DHCP Role
In this tutorial you will learn How To Install And Configure Windows Server DHCP Role. We will be using Windows Server 2019 however the concept is the same with Windows Server 2022.
Introduction
The Windows Server DHCP (Dynamic Host Configuration Protocol) role plays a crucial role in managing IP addresses on a network. By automating IP assignment and configuration, DHCP simplifies network administration and ensures efficient connectivity. This guide will walk you through the process of installing and configuring the DHCP role on your Windows Server. From initial setup to advanced configurations, you’ll gain the knowledge and skills needed to effectively manage IP address allocation. Get ready to streamline your network infrastructure and enhance connectivity with this comprehensive tutorial.
Let’s get started with the Installation of the DHCP Role
1. Log into your Windows Server.
2. If not already opened, open up Server Manager.
3. Click Add roles and features…
How to Configure Unifi UDM PRO DHCP Relay To Use Windows Server DHCP
In this tutorial you will learn How to Configure Unifi UDM PRO DHCP Relay To Use Windows Server DHCP. This will come in handy when you want your Windows Server to be the DHCP provider. This tutorial is based on Unifi Controller version 6.5.55.
Let’s get started.
First, make sure you are running the latest controller version. At the time of this publication, it is 6.5.55. I will be progressing through this tutorial under the assumption that you already have a Windows DHCP Server running. If that is not configured, click: How To Install And Configure Windows DHCP Server.
1. Log into your UDM Pro using unifi.ui.com or its IP address.
2. Access the Unifi Controller and click Settings
3. Click on Networks. Now you should be presented with all your current networks, maybe even just the Default LAN if your UDM Pro is coming right out of the …
Windows Update deploying malware powered by GitHub C2 Server
According to a report from Malwarebytes on Thursday, a North Korean cyber-espionage group’s latest attack was found to be very similar to other attacks from the group. Malwarebytes analysts have discovered that the APT group has been using a new technique that involves spear phishing to steal user data and cryptocurrency.
The focus of the phishing campaign is consistent with the APT group’s style – they impersonate big, global brands. In this case, they pretended to be a huge military and defense company.
Korean hackers are rampaging. They are one of the most active cyber-attackers in the world. The US considers them to be a huge threat. They have been caught red-handed attacking companies and stealing secrets for years. Their leader is Lazarus, who has been active since at least 2009. This group is responsible for many cyber attacks, including the WannaCry ransomware attack that has been in the news.…
Android Malware steals your money, then wipes your phone
For years, malware has been an issue for computers. While there are different levels of severity, it is extremely dangerous when targeting your smartphone.
Apple’s closed ecosystem is incredibly protective. It has few checks and balances. As a result, it’s very difficult for hackers to infiltrate Apple products and leave malware behind. Unfortunately, Android is the opposite. Its open nature makes it easy for hackers to infiltrate, leaving Android users vulnerable to malicious code.
A new version of a virus has been discovered. Read on to find out how a Brazilian malware became a powerful threat.
Here’s the back story
A Remote Access Trojan (RAT) known as BRATA has been around since 2019. At the time, it was used as spyware and exclusively targeted Android users in Brazil. It was able to capture a victim’s screen in real-time.
In early 2016, a malware called BRATA spread online. It masqueraded as …