cs.beta.fletch.ai
34.102.249.32
Public Scan
Submitted URL: https://t.co/vwC7phIjE4
Effective URL: https://cs.beta.fletch.ai/p/romcom
Submission: On September 06 via api from IN — Scanned from CA
Form analysis
0 forms found in the DOM
Text Content
CISA ADDS THREE SECURITY FLAWS WITH ACTIVE EXPLOITATION TO KEV CATALOG - #ROMCOM

In July 2023, a Russian cybercriminal group exploited a zero-day vulnerability in Microsoft Office and Windows to target North American and European governments. The group, known as Storm-0978, deployed ransomware and stole data in an ongoing campaign. Storm-0978 has been active since at least 2019, using phishing emails and malicious documents to distribute their signature backdoor, RomCom, onto systems. Microsoft has issued guidance for mitigating the vulnerability but has not yet released a patch. Federal agencies have been given directives to apply workarounds, and private organizations have been urged to do the same to avoid compromise.

RomCom
Safeguard Microsoft stack from CVE-2023 RCE vulnerabilities

Summary
Safeguard Microsoft stack from CVE-2023 RCE vulnerabilities

Expert Advice

SHORT-TERM
Known recommendations to mitigate this threat, based on your data in Fletch.
* Update all GPU firmware to the latest version, as some vendors have already released patches for the LeftoverLocals vulnerability. [1]
* Avoid using multi-tenant GPU environments for security-critical processes until a fix is implemented. [2]
* Implement user-level mitigations to protect sensitive data. [3]

LONG-TERM
Known recommendations to mitigate more threats like this.
* Regularly update all hardware and software to ensure the latest security patches are applied. [1]
* Implement a policy of using only hardware and software from vendors that provide regular security updates and have a good track record of responding quickly to vulnerabilities. [2]
* Consider implementing an automatic local memory clearing mechanism between kernel calls to ensure isolation of sensitive data written by one process. [3]
* Regularly conduct security audits and vulnerability assessments to identify and address potential security risks. [4]
* Train staff on the importance of cybersecurity and how to recognize and respond to potential threats. [5]