Security threats and vulnerabilities are continuously evolving, with threat actors seizing every opportunity to compromise technology, steal information and demonstrate their control.
In recent days, a number of high-profile incidents have caught the attention of Omega’s Security Operations Center (SOC).
Adobe disclosed a serious zero-day vulnerability within its Reader and Acrobat applications, announcing that hackers were actively exploiting the vulnerability to launch code execution attacks. Adobe assigned the highest priority rating to the vulnerability, indicating a severe threat to end users. A security update was quickly issued.
Omega’s managed IT support offering, Smart Support, includes patch management of common third-party applications, including Adobe, Zoom, Java, and many others. Following news of the Adobe exploit, Omega swiftly amended its standard patch schedule in order to implement the security update immediately and reduce the potential impact to managed services customers.
In the coming days, businesses should keep careful watch for targeted phishing emails that may leverage news of the exploit to induce further intrusions.
Another zero-day vulnerability making waves recently impacted the most popular Internet browsers – including Google’s Chrome, Mozilla’s Firefox, Microsoft’s Edge and Apple’s Safari – exposing a flaw that, if exploited, would allow hackers to gain control of an affected device. The browser companies each released patches to limit the impact of the vulnerability, identified as CVE-2023-4863, but users should take care to ensure their browsers are updated as soon as possible.
Omega’s SOC, which proactively monitors for external threat penetration, has also seen a recent surge of activity related to Microsoft 365 account compromises. This recent batch of threats includes the use of MFA bypasses to gain access to user accounts.
Rather than simply stealing passwords and running into multi-factor authentication (MFA) prompts, savvy hackers can bypass those prompts by stealing session cookies. A session cookie essentially confirms the use of a trusted device, so presenting it doesn’t prompt for authentication. MFA bypasses, and other strategies such as MFA fatigue, are growing in popularity with hackers who have to adapt to the more stringent authentication and authorization policies in place at security-conscious businesses.
Companies should consider evaluating their authentication policies to implement trusted device models, which can integrate with Microsoft 365 and Azure, for example, to ensure only previously-trusted devices are used to authenticate logins to corporate networks and applications.
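To make the session-cookie and trusted-device points concrete, here is an added detection sketch (not Omega's tooling and not a Microsoft 365 API). It binds each session to the device that completed MFA and flags reuse from another device or from a device outside an assumed enrollment list; the event fields, device IDs and `TRUSTED` inventory are all constructed for illustration.

```python
# Constructed sign-in events; field names are hypothetical, not a Microsoft 365 schema.
EVENTS = [
    {"user": "alice", "session": "s1", "device": "dev-A", "ip": "198.51.100.10", "mfa": True},
    {"user": "alice", "session": "s1", "device": "dev-A", "ip": "198.51.100.10", "mfa": False},
    {"user": "alice", "session": "s1", "device": "dev-X", "ip": "203.0.113.77", "mfa": False},
    {"user": "bob", "session": "s2", "device": "dev-B", "ip": "198.51.100.20", "mfa": True},
    {"user": "bob", "session": "s3", "device": "dev-Y", "ip": "203.0.113.5", "mfa": True},
]
# Assumed inventory of devices enrolled per user (the trusted device model).
TRUSTED = {"alice": {"dev-A"}, "bob": {"dev-B"}}


def find_suspect_sessions(events, trusted):
    """Return (index, user, reason) for each event that breaks a session or device rule."""
    bound = {}  # session id -> device that completed MFA for that session
    alerts = []
    for i, ev in enumerate(events):
        sid, dev, user = ev["session"], ev["device"], ev["user"]
        if sid not in bound:
            if ev["mfa"]:
                bound[sid] = dev
            else:
                # A session that appears without ever passing MFA is suspect by itself.
                alerts.append((i, user, "session_without_mfa"))
                continue
        elif bound[sid] != dev:
            # Same cookie, different device: the trace a stolen session cookie leaves.
            alerts.append((i, user, "session_reused_on_new_device"))
        if dev not in trusted.get(user, set()):
            # Trusted device policy: a password plus approved MFA is not enough.
            alerts.append((i, user, "untrusted_device"))
    return alerts


def is_allowed(event, trusted):
    """Policy decision for one request: only enrolled devices may authenticate."""
    return event["device"] in trusted.get(event["user"], set())


if __name__ == "__main__":
    for alert in find_suspect_sessions(EVENTS, TRUSTED):
        print(alert)
```

The last constructed event passes MFA yet is still flagged, which is the case a trusted device policy covers and an MFA prompt alone does not (for example, a prompt approved under MFA fatigue).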
Omega Systems’ services are designed with security in mind so that our customers can rest assured their sensitive information and systems are safeguarded against today’s most sophisticated threats. Contact our team today to discuss boosting your 24×7 IT support service and/or leveraging a proactive SOC and SIEM strategy that stops threats before they impact your users.