Please see Security Advisories for the week ending January 28, 2022
- McAfee Releases Security Update for McAfee Agent for Windows
- FBI Releases PIN on Iranian Cyber Group Emennet Pasargad
- CISA Publishes Infographic on Network Security Through Segmentation
_______________________________
McAfee Releases Security Update for McAfee Agent for Windows
Situation
McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166.
Problem
Vulnerabilities were found in McAfee Agent that allowed a local user to perform command injection and privilege escalation.
Implication
A local attacker can take over the affected system.
Need
Update the McAfee Agent to the latest version as soon as possible.
For a more technical overview:
https://kc.mcafee.com/corporate/index?page=content&id=SB10378
________________________________
FBI Releases PIN on Iranian Cyber Group Emennet Pasargad
Situation
The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against the group’s malicious cyber activities.
Problem
FBI information indicates Emennet poses a broader cybersecurity threat outside of information operations. Since 2018, Emennet has conducted traditional cyber exploitation activity targeting several sectors, including news, shipping, travel (hotels and airlines), oil and petrochemical, financial, and telecommunications, in the United States, Europe, and the Middle East.
Implication
Failure to heed the guidelines in the advisory could leave one vulnerable to these exploits.
Need
CISA encourages users and administrators to review FBI PIN: Context and Recommendations to Protect Against Malicious Activity by Iranian Cyber Group Emennet Pasargad and apply the recommended mitigations.
For a brief overview:
https://www.ic3.gov/Media/News/2022/220126.pdf
________________________________
CISA Publishes Infographic on Network Security Through Segmentation
Situation
The CISA has published an infographic that discusses the importance of implementing network segmentation.
Problem
Network segmentation is a physical or virtual architectural approach that divides a network into multiple segments, with each acting as its own subnetwork. This provides additional security and control that can help prevent or minimize the impact of a cyber attack.
Implication
Networks that are not segmented can allow an attacker to more easily traverse and affect other systems on your network.
Need
The CISA strongly encourages network architects, defenders, and administrators to review the infographic and implement its recommendations where possible.
CISA Infographic: