Using Moxa MXview?
Do this: Patch and update immediately.
Why: Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to unauthenticated remote code execution.
Additional Info: https://threatpost.com/critical-mqtt-bugs-industrial-rce-moxa/178399/
Using the PHP Everywhere WordPress Plug-in?
Do this: Install the PHP Everywhere update immediately.
Why: Tens of thousands of WordPress sites are at risk from critical vulnerabilities found in the widely used plug-in, PHP Everywhere. These vulnerabilities are very easy to exploit and can be used to quickly and completely take over a site.
Additional Info: https://threatpost.com/php-everywhere-bugs-wordpress-rce/178338/
Are you a Windows shop?
Do this: Monitor Regsvr32 executions. Specifically:
- Look for parent/child process relationships where Regsvr32 is executed with a parent process of Microsoft Word or Microsoft Excel.
- Look for Regsvr32 executions that load scrobj.dll, which executes a COM scriptlet.
Additional Info: https://threatpost.com/cybercriminals-windows-utility-regsvr32-malware/178333/
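The two Regsvr32 checks above as a small triage function. This is an example added here, not code from the referenced article; it assumes process-creation events exported as dicts with Sysmon Event ID 1 field names (Image, ParentImage, CommandLine), and the sample events are constructed.

```python
import ntpath

# Office parents named in the checks above: Microsoft Word and Microsoft Excel.
OFFICE_PARENTS = {"winword.exe", "excel.exe"}

def _basename(path):
    # ntpath splits on Windows separators regardless of the host OS.
    return ntpath.basename(path or "").strip('"').lower()

def regsvr32_findings(event):
    """Return the reasons a process-creation event matches either check."""
    if _basename(event.get("Image")) != "regsvr32.exe":
        return []
    reasons = []
    if _basename(event.get("ParentImage")) in OFFICE_PARENTS:
        reasons.append("office_parent")
    # Command-line reference only; confirming the actual DLL load
    # needs image-load telemetry, which this example does not use.
    if "scrobj.dll" in (event.get("CommandLine") or "").lower():
        reasons.append("scrobj_load")
    return reasons

def triage(events):
    """Pair each matching event with its reasons; other events are dropped."""
    return [(e, r) for e in events if (r := regsvr32_findings(e))]

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "CommandLine": r"regsvr32.exe C:\Users\Public\sample.ocx"},
    {"Image": r"C:\Windows\SysWOW64\Regsvr32.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "regsvr32.exe <constructed arguments> scrobj.dll"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "CommandLine": "regsvr32.exe <constructed arguments> SCROBJ.DLL"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",   # routine DLL registration
     "ParentImage": r"C:\Windows\System32\msiexec.exe",
     "CommandLine": r"regsvr32.exe /s C:\Program Files\Vendor\helper.dll"},
    {"Image": r"C:\Windows\System32\splwow64.exe",   # Office child, not Regsvr32
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "CommandLine": "splwow64.exe 8192"},
]

if __name__ == "__main__":
    for event, reasons in triage(SAMPLE_EVENTS):
        print(",".join(reasons), "|", event["ParentImage"], "->", event["CommandLine"])
```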