Many people use computer and mobile applications to get news, product updates and Google Alerts. The next time you go to check the notification, be wary of the latest cybersecurity threat so you don’t install something dangerous to your device.
You are here
On February 17, 2021, the Federal Bureau of Investigation issued a notice providing awareness regarding Telephony Denial of Service (TDoS) attacks. TDoS attacks affect the availability and readiness of 911 call centers and can undermine public trust in emergency services.
Before a TDoS Attack
On February 17, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Treasury (Treasury) issued a Joint Cybersecurity Alert (CSA) and seven Malware Analysis Reports (MAR) on the malware variant known as APPLEJEUS. APPLEJEUS has been used by Lazarus Group, a North Korean-sponsored Advanced Persistent Threat (APT) actor. These cyber actors have targeted organizations for cryptocurrency theft in over 30 countries during the past year alone.
Microsoft has released a security advisory to address an escalation of privileges vulnerability, CVE-2021-1732, in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.
CISA encourages users and administrators to review Microsoft Advisory for CVE-2021-1732 and apply the necessary patch to Windows 10 and Windows 2019 servers.