Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29370PUBLISHED: 2021-04-13A UXSS was discovered in the Thanos-Soft Cheetah Browser in Android 1.2.0 due to the inadequate filter of the intent scheme. This resulted in Cross-site scripting on the cheetah browser in any website.
CVE-2021-3460PUBLISHED: 2021-04-13The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
CVE-2021-3462PUBLISHED: 2021-04-13A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
CVE-2021-3463PUBLISHED: 2021-04-13A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.
CVE-2021-3471PUBLISHED: 2021-04-13** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
User Rank: Ninja
11/4/2015 | 3:03:56 PM
Encrypt your data. CryptoWall can't encrypt files that are already encrypted by the end user.
The data can be decrypted on access which would lock the files currently opened. When the file is closed it is
automatically re-encrypted in realtime. As an extra layer of security it is also possible to encrypt volume shadow
copies of the files as the behavior of CryptoWall will automatically sdelete (Secure Delete) all shadow copy data
on the infected machine. I am no way suggesting not to backup your data. However, a proper retention policy
should also be correctly set to seven or more days. If a backup whether it be to a local, network drive, or cloud
based is not encrypted there remains the risk of the files being encrypted by the ransomware and changes of
modified files by CryptoWall propagating and overwriting the original backup of end user data. Also, CrytoWall
only affects files by extention (ie .docx, .qbw, .xlsx) If a file extention is modified to something completely
obscure in no relation with any application they will remain unaffected by this ransomware.