See You at GLUG 2022!

Connect with Ferrilli at the Great Lakes Users Group Conference, September 26, 2022, in Livonia, Michigan!

Stop by our booth to learn about our broad range of Ellucian Colleague consulting services. And don’t miss our live Data Security Essentials session in Room 205 at 1:15 pm ET, as Ferrilli’s Kelly Sinacola and Christopher Mallory share actionable advice on how to avoid the devastating effects of a cyberattack.

We look forward to seeing you there.

Connect with Us at MBUG 2022!

Attending the Mississippi Banner Users Group conference in Tupelo, Mississippi, on September 11-13, 2022?

If so, be sure to connect with Ferrilli’s Steven Terry and Ashleigh Mayer to learn how our expert team can help maximize your institution’s Ellucian Banner investment!

Our functional and technical Banner ERP consultants have been in your shoes – having used and managed Banner as on-campus technology leaders, admissions and enrollment directors, marketing specialists, financial aid directors, bursars, finance leaders, and more!

We’re committed. We care. We do whatever it takes. And we look forward to seeing you at MBUG!

[Webinar Recording] GLBA Amended Safeguards Rule. Are You Prepared?

Watch as Ferrilli’s Security, Cloud & Infrastructure team share expert advice on how to meet the requirements of the updated GLBA Safeguards Rule.

Ferrilli Named to 2022 Inc. 5000 List of Fastest-Growing Private Companies in America

Haddonfield, NJ – We are excited to announce that Ferrilli has been named to the 2022 Inc. 5000 list of the fastest-growing privately held companies in America.

This is the 4th year that Ferrilli has been named to the prestigious list (2009, 2017, 2018 & 2022).

“Being named to the Inc. 5000 list is national recognition of our hard work as an organization. It is a testament to the talent and dedication of everyone at Ferrilli,” said Ferrilli CEO Robert Ferrilli. “I am incredibly proud of what we have accomplished.”

Continue reading “Ferrilli Named to 2022 Inc. 5000 List of Fastest-Growing Private Companies in America”

[Webinar Recording] Active Directory Security: Privileged Identity Protections

Watch as Ferrilli Senior Consultant Erik Potzmann shares expert advice on Active Directory security protections.

[Webinar Recording] OPTIMIZING YOUR MICROSOFT 365 A5 LICENSING

Watch Ferrilli Senior Consultant Erik Potzmann share expert advice on optimizing your Microsoft 365 A5 licensing.

Connect with the Ultimate Pros at NACUBO 2022!

We’re excited to be an exhibiting sponsor at the NACUBO 2022 Annual Meeting, July 16-19, in Aurora, Colorado!

Stop by Booth 523 to take a shot on our state-of-the-art golf simulator and connect with Ferrilli’s Senior Vice President Carol Thomas, Chief Client Officer Marcia A. Daniel and Executive Vice President Steven Christian.

Our team of talented higher education technology caddies will be there to cheer you on … and, of course, answer any questions you have about maximizing your institution’s technology investment.

We look forward to connecting with you.

Connect with Ferrilli at Anthology Together 2022!

We’re excited to be a sponsor at Anthology Together 2022, July 11-14, in Orlando, Florida!

Stop by Booth 115 to connect with the Ferrilli team and learn how to maximize your technology investment. We want to hear about what’s going right, what needs improvement, and what you hope to accomplish going forward.

You can also attend a live session hosted by Ferrilli’s Anthology Services Director, Dan Mongeluzi, on Mastering Business Processes via Health Checks.

We look forward to seeing you at AT22!

[WEBINAR RECORDING] Financial Aid Staffing Shortages: Actionable Tips to Enhance Office Efficiency While Short-Staffed

Watch Ferrilli Financial Aid Consultants Amy Christen and Susan Kannenwischer share actionable tips to enhance aid office efficiency while short-staffed.

See you at Slate Summit 2022!

We’re excited to be attending the Technolutions Slate Summit in Nashville from June 16-17, 2022!

As a Slate Gold Preferred Partner, we empower admissions teams to get the most out of Slate.

Connect with Ferrilli’s Ashleigh Mayer, Kelly Sinacola, Dixie McNally, Joshua Flick, Bethann Corey, and Joshua Weiler at the summit to find out how.

We look forward to seeing you there!

See You At CCA 2022!

We’re excited to be attending the 29th annual Community Colleges of Appalachia Conference this Sunday, June 5th, through June 7th, in Asheville, NC!

Connect with Ferrilli’s Robert Ferrilli, Marcia A. Daniel and Ashleigh Mayer during the event to learn about our tireless commitment to enhancing institutional effectiveness and enriching the student experience both in the region and across the country.  

We look forward to seeing you there!

Connect with Ferrilli at ACCTC 2022!

Attending the Arizona Community Colleges Technical Conference at Yavapai College, June 1-2, 2022?

Be sure to connect with us throughout the event. Ferrilli is committed to providing the services Arizona Community Colleges need to streamline operations, reduce costs and position students for success.

We look forward to seeing you there!

ACCT Quarterly Article: Diminishing the Cyber Threat

Check out Ferrilli Chief Client Officer Marcia A. Daniel’s latest article in the ACCT Trustee Quarterly: Diminishing the Cyber Threat: A conversation with cybersecurity legal expert Allen Sattler reveals key steps colleges must take to minimize the impact of breaches.

Thank you to Allen Sattler, Partner and Vice Chair of Data Privacy & Cybersecurity at Lewis Brisbois Bisgaard & Smith LLP, for contributing his knowledge and expertise to this timely piece on the steps colleges must take to minimize the impact of cyber attacks.

At Ferrilli, security is never secondary. If your institution has fallen victim to a cyber attack, please click here to receive 100 hours of complimentary security services.

SEE YOU AT UBUG 2022!

UBUG 2022 attendees, make sure to stop by and see us during the conference on Friday, May 13th at Utah State University!

We’ll be standing by to address all your Banner-related questions. As an Ellucian Platinum Services Partner we have the knowledge and expertise to help your institution maximize its Ellucian Banner investment.

You can also check out our breakout session at 11am MT in Room 311, ‘A Cloud 360 Approach: Meeting the Demands of a Digital-First Era’ with Ferrilli Senior Vice President Carol Thomas.

We look forward to seeing you there!

Connect with Ferrilli at the MEEC Member Conference and Vendor Showcase

We’re excited to be appearing at the Maryland Education Enterprise Consortium (MEEC) Member Conference and Vendor Showcase on Wednesday, April 27, at Martin’s West!

Stop by Booth 38 to learn how Ferrilli, as an official MEEC IT professional consulting services vendor, is uniquely positioned to help your institution maximize its technology investment.

We will also be hosting a live session during the conference:

Cloud 360: Addressing the Demands of Cloud Service Delivery
Session Time: 1:30 – 2:20 pm ET
Session Location: Camelia

We look forward to connecting with you!

CONNECT WITH US AT THE SALESFORCE.ORG EDUCATION SUMMIT 2022

We’re excited to be a sponsor at the Salesforce.org Education Summit 2022, starting April 20th!

As a Salesforce Consulting Partner, we are here to help institutions grow enrollment, improve retention, support fundraising and advancement, and foster productive relationships with constituents both on and off campus.

Click here to access the virtual conference and connect with us.

Ferrilli Security Alert: Patch recent vulnerabilities from Google and Microsoft

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

We’re alerting our higher education community to act quickly and patch the latest vulnerabilities from Google and Microsoft:

  • Google Chrome: An exploit for CVE-2022-1364 exists and it is strongly recommended that everyone install the latest Google Chrome update (100.0.4896.127) as soon as possible.
  • Microsoft RDP: Critical Windows RPC CVE-2022-26809 flaw raises concerns due to its potential for widespread, significant cyberattacks. Therefore, all organizations need to apply Windows security updates as soon as possible.

Note: While our focus is on getting the academic systems updated, please remind your faculty, staff, and students to patch their personal devices.

More info about the vulnerabilities: 

​​​​
Google Chrome

  • Google officials did not release many details about the flaw, saying that information and links about the bug are being restricted until most users are updated. The emergency updates the company issued this week impacted almost 3 billion users of its Chrome browser as well as those using other Chromium-based browsers, such as Microsoft Edge, Brave and Vivaldi. They will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but have not yet fixed. The vulnerability is a so-called “confusion” weakness in Chrome’s V8 JavaScript engine. This type of flaw often leads to browser crashes, but the high severity label for this specific vulnerability suggests that it could be the rarer kind that allows attackers to execute damaging code depending on the privileges associated with the application. An attacker could view, change, or delete data, according to the Center for Internet Security.

Microsoft RDP: CVSS:3.1 9.8 / 8.5

  • Microsoft fixed this vulnerability as part of the April 2022 Patch Tuesday updates and rated it as ‘Critical,’ as it allows unauthorized remote code execution through a bug in the Microsoft Remote Procedure Call (RPC) communication protocol (TCP 445 and 135). If exploited, any commands will be executed at the same privilege level as the RPC server, which in many cases has elevated or SYSTEM level permissions, providing full administrative access to the exploited device. Security researchers believe the bug has the potential to be exploited in widespread attacks, like what we saw with the 2003 Blaster worm and 2017 Wannacry attacks utilizing the Eternal Blue vulnerability. Currently there are over 1.3 million devices exposing port 445 to the Internet, offering a massive pool of targets to exploit. It is important to stress that institutions should apply the patch because it can surface in several configurations of both client and server RPC services. This vulnerability is ideal for spreading laterally in a network and security experts believe we will surely see it used by ransomware gangs in the future.

What Version Should You Be on Google Chrome?
The latest fix will bring Chrome to version 100.0.4896.127 across Windows, Linux, and Mac platforms. Remind your users to close their browsers so the Chrome updates will be applied in the coming days and weeks, as Chrome automatically installs the latest patch when the browser is closed and relaunched.

If you have any questions or need assistance, please click here.

Stop by Booth 501 at Ellucian Live 2022 and take your shot at $50k

We’re going for the green at Ellucian Live 2022!

Stop by Booth 501 on Sunday, April 10th – Tuesday, April 12th, to play Ferrilli’s $50,000, hole-in-one challenge!

We’ll also be raffling off a once-in-a-lifetime trip to the beautiful Pebble Beach Resorts, located between picturesque Monterey and Carmel, California.

Our team of talented higher education technology experts will be there to cheer you on … and, of course, answer any questions you have about optimizing your institution’s Ellucian technology.

You do not want to miss this! Just look for the massive, state-of-the-art golf simulator and come over to take your shot!

Ferrilli Live Sessions at eLive 2022!

We’re excited to be presenting three live sessions at Ellucian Live 2022:

Solution Showcase Demo: Ferrilli’s Automated Degree & Certificate Evaluator for Colleague

Monday, April 11th – 2:30 PM – 2:45 PM (MDT)

Lead Presenter: Kelly Sinacola, Executive Vice President, Ferrilli

Go Serverless and Take Off to the Cloud with Ferrilli, Ellucian, and AWS

Tuesday, April 12 – 3:45 – 4:30 PM (MDT)

Lead Presenter: Robert Ferrilli, CEO, Ferrilli

Rethinking Student Affairs Roles: Dynamic Technology and Student Populations

Wednesday, April 13 – 9:00 – 9:45 AM (MDT)

Lead Presenter: Kathryn Starkey, Associate Dean of Adult Learning, Colorado State University Pueblo

Co-Presenters: Linda Bloom, Senior Consultant, Ferrilli & Carol Larson, Registrar, Colorado State University Pueblo

Ferrilli Security Alert: Russian Cyber Activity Updates & Preparation Advice

We’re following up from our Russian Cyber Activity webinar earlier this month to provide our higher education community with the latest updates and advice on the Russian cyber threat:

The U.S. Government has called the current moment “critical” in working towards enhancing its cybersecurity defenses and believes the threat of cyberattack from Russia is looming against the United States.

Government officials stated this reinforces the urgent need for all organizations, large and small, and even individuals to act now to protect themselves against malicious cyber activity.

The following information can help you be prepared:

Report anomalous cyber activity and/or cyber incidents as soon as possible!

The CISA is working closely with federal and industry partners to monitor the threat environment 24/7 and they stand ready to help organizations respond to and recover from cyberattacks.

Visit CISA.gov/Shields-Up for information on how to protect your network(s) and how to report anomalous cyber activity and/or incidents. When cyber activity/incidents are reported quickly, it can contribute to stopping further attacks.

  • report@cisa.gov
  • (888) 282-0870, or
  • Your FBI Field Office or CISA Regional Office

What Can Be Done?

  • Treat people as your first line of defense – Educate your employees on common tactics (email and websites) and how to report suspicious activity and investigate their reports promptly and thoroughly.
  • Test your emergency procedures for backups and restoring services/data. Ensure you have offline backups beyond the reach of malicious actors.
  • Encrypt your data so it can not be used if stolen.
  • Verify your communication channels work and know the players and their roles in your Emergency Response Team.
  • Ensure software and hardware patching is current and up to date.
  • Enable multifactor authentication on all accounts/systems/devices connecting to your network(s).
  • Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents.

Cybersecurity advice to share with co-workers, family and friends

  • Pay extra attention to email: Your work email address, as well as any personal email addresses, are the most common starting places for a targeted attack.
  • Protect yourself:
    • DO NOT FOLLOW LINKS contained in emails or in text messages – If you feel the communication is legitimate, navigate to the main website by typing in the primary site address and then navigate to the desired page/resource. o    Verify the email using a different contact method – Voice calling is particularly powerful in vetting outreach.
    • Use strong passwords and multi-factor authentication to reduce compromises by unwanted hackers.
    • Protect your devices and home network – keep them up to date and use antivirus software. Use the latest supported versions, apply security patches promptly, use anti-virus and scan regularly to guard against known malware threats.
    • Beware of new outreach in social media platforms (Twitter, Instagram, Snapchat, Facebook, etc.) and text messages from unknown phone numbers or groups.
  • Protect others:
    • REPORT any suspected communications or activity to your Helpdesk or IT department.
    • Report suspicious outreach received at your personal email addresses by reporting them to your service provider via their published resources.
    • DO NOT FORWARD or share:
      • unvetted outreach or “recommended” content.
      • suspicious messages Delete them immediately.

Thank you and please stay safe!​

Ferrilli Alert: Federal Fiscal Year 2022 Budget Impact on Pell Grant Awards

With the passage of the Fiscal Year 2022 Federal budget on March 15, 2022, new Pell entitlement figures have been approved, increasing the maximum Pell grant award $400, to $6,895 for the 2022-23 award year.

While this increase is beneficial for students, it will also require action for Financial Aid Offices that have already begun packaging students for the upcoming year.

Impacts for Previously Award Students

The increase to the maximum Pell grant award may have several impacts to the aid packages of students who have previously been awarded for the 2022-23 award year.

  • Students awarded Pell grants will likely see an increase to their award entitlement.
  • An increased Pell award may require adjustment to other Federal and institutional awards, as the higher Pell amount will reduce the student’s overall unmet need.
  • Depending on the institution’s SIS/ERP packaging configuration and functionality, adjustments to student awards may require software updates and/or manual review and adjustment.

How to Prepare for Updating Student Pell Awards and Award Packages

There are several steps Financial Aid Offices can take to prepare to implement these changes in their SIS/ERP systems and repackage previously awarded students.

  • Identify any previously packaged students who received Pell as part of their 2022-23 award package. Since this population will need to be reviewed, identifying the population in advance will allow Financial Aid Office staff to better prepare for award revisions when the SIS/ERP is capable of processing them.
  • Monitor communication from your institution’s SIS/ERP vendor indicating what system changes need to be made to accommodate the new Pell entitlements. Generally, this may only require parameter updates for the new amounts but depending on other changes that may have been made to the entitlement grids, software updates may be required as well.
  • Monitor communications from the Department of Education regarding the reprocessing of ISIRs to reflect the updated Pell amounts. Even if your software vendor provides guidance/updates for accommodating the increased award amounts, a new ISIR transaction will still need to be received to correctly calculate a student’s award.
  • Determine if your institution will make adjustments to any previously awarded institutional need-based aid. In other words, if Pell is increased will your institution decrease its need-based award offer or allow previous amounts to remain unchanged. If the latter option is chosen, this may result in the need to revise Subsidized Stafford Loan amounts in the student’s award package.
  • Identify any not yet packaged students with Pell grant eligibility. Excluding these students from the packaging process until the necessary system changes and reprocessed ISIRs have been received will prevent providing inaccurate awards to students and reduce the need for additional repackaging by Financial Aid Office staff.
  • Communicate with your students about revisions to their awards. When students and their families see news of these changes due to the approval of the Federal Budget, they may have questions about how they will be impacted and when they will see revisions to their award package. Providing this information preemptively to both students needing revisions as well as student who may have their packages delayed may help to allay their concerns and reduce inquiries to their institution’s Financial Aid Office.

Please don’t hesitate to contact us if you require assistance updating student Pell awards and award packages. We’re here to help!​​​​​

Webinar Recording: Protect Your Institution from Russian Cyber Activity

Our emergency webinar addressed the rise in Russian-Ukraine themed threats and cyber-attack activity. This webinar helps institutions “Know What Their Attackers Know,” and position themselves for defense.

CISOA Technology Summit: Stop by Booth 301 & 302!

We’re excited to be a Diamond Sponsor at the 2022 CISOA Technology Summit in Ontario, CA, March 20-23, 2022!

Stop by Booth 301 & 302 to learn how Ferrilli can help your institution maximize its technology investment.

And don’t forget to check out our live session on Monday, March 21st from 11:15 a.m. to 12:15 p.m. PT: Learn about SJECCD’s Cloud Experience with Ferrilli, Ellucian, & AWS with San Jose Evergreen Community College District’s Director of Enterprise Applications Sergio Oklander.

We look forward to connecting with you!

NERCOMP 2022: Visit Ferrilli at Booth 402!

We’re excited to be a sponsor at the 2022 NERCOMP Annual Conference in Providence, Rhode Island, March 14-16!

Stop by Booth 402 throughout the event to connect with our knowledgeable higher education technology experts and learn about the special benefits we offer to NERCOMP members.

And be sure to check out our live session on Tuesday, March 15th from 8:30-9:15am (ET) in Room 553: A Different Approach – How One College Took its IT Services to the Next Level.

We look forward to seeing you at the conference and sharing how Ferrilli can help your institution maximize its technology investment!

To learn more about our services and the special benefits we offer to NERCOMP members, please visit our vendor page on the NERCOMP website.

Ferrilli Security Update: Protect Your Institution from Increased Russian Cyber Activity

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

Higher education institutions should be more on guard than ever for cyber attacks. Due to the current political climate, we are seeing an increase in attacks, especially attacks originating from Russia.

In the past week, our security team has seen two Russian attacks on U.S. institutions; as well as two other institutions hit hard by phishing schemes.

We will be holding an emergency webinar on Thursday, March 17th, 2022, to discuss the threat and provide action steps for protection. Stay tuned for more details. And please stay safe!

Ferrilli Security Alert: Experts Warn to Prepare for More Russian Cyber Activity

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

As the U.S. imposes sanctions on Russia for its ongoing aggression with Ukraine; security experts at the Wall Street Journal’s virtual CIO Network Summit this week recommended that the U.S. should prepare for possible cyber retaliation.

Recommendations and Awareness

Recommendations that came from the Summit included locking accounts after two or three failed login attempts and being aware that the Russian operatives could be using password spraying attacks; recycling passwords from past password data dumps; and may likely be using artificial intelligence to access networks.

Russia has been known to use hybrid warfare strategies and utilize cyberattacks against their adversaries. Professionals who monitor cyber threats, both for governments and corporations, are concerned that the worst is yet to come, in the form of both direct attacks by Russia and collateral damage from their cyber attacks.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning to U.S. business that says they should be prepared to defend against cyber attacks originating from Russia. “Every organization—large and small—must be prepared to respond to disruptive cyber activity.”

Russian Hackers began at least as early as January targeting Ukraine with “wiper” malware which is designed to destroy hard drive data by wiping their contents completely. Professionals who monitor cyber threats, both for governments and corporations, are on high alert because Russia has a history of unleashing cyberweapons that wreak havoc far beyond the computers and networks that were their original targets.

What Can You Do to Protect Your Student and Employee Data?

The House Armed Services Committee recommends institutions be testing procedures for backups and restoring data, enabling multifactor authentication on devices connected to their networks, and ensuring software is up to date on patching to protect their networks from known vulnerabilities.

Here are Some Additional Mitigating Tips and Helpful Layers of Defense

  • Prepare by documenting what you have. Identify every application and asset running in your IT environment. This level of granularity will allow you to quickly map critical assets, data, and backups, and to identify vulnerabilities and risks. By having a complete picture of your network and data environments, you’ll be able to respond and act quickly during an attack or breach.
  • Utilize segmentation and alerting where possible to help prevent ransomware propagation and lateral movement. Create perimeters around critical applications, backups, file servers and databases. Restrict traffic between users, applications, and devices to help block lateral movement. These blocked access attempts become your indicators of compromise. Incorporate reputation-based detection that alerts to the presence of known malicious domains and processes. Set up security monitoring so you are collecting the data that will be needed to analyze network intrusions.
  • Test your backups and recovery methods. Make sure to have backups off-site and visualization capabilities that support phased recovery strategies in which connectivity is gradually restored as different areas of the network are validated as “all clear.”
  • Do not expose management interfaces of network devices to the internet. The management interface is a significant attack surface, so not exposing them reduces your risk. Web based interfaces are convenient for managing networking equipment, but under no circumstances should these be open to the world and the internet.
  • Protect your devices and networks by keeping them up to date. Use the latest supported versions, apply security patches promptly, use anti-virus and scan regularly to guard against known malware threats.
  • Use multi-factor authentication to reduce the impact of password compromises.
  • Treat people as your first line of defense. Tell staff how to report suspected phishing emails, and ensure they feel confident to do so. They are your first line of defense, investigate their reports promptly and thoroughly. Never punish users for clicking phishing links or opening attachments.

VMware Alert: Patch These Vulnerabilities Immediately!

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

VMware is urging customers to patch bugs in ESXi, Workstation, Fusion and Cloud Foundation running in on-premises or co-located settings.

The ramifications of the combined vulnerabilities are serious, especially if attackers have access to workloads inside your environments.

The patches fix a total of five (5) CVEs in those products that were disclosed during the Tianfu Cup, a Chinese security event that VMware participates in.

We’re increasing awareness for our higher education community

Knowing that most academic institutions have increased their use of VMware to help with the increase of remote work and labs from home for their employees and students.

Ferrilli is increasing the awareness and recommending that institutions pay extra close attention to failed VMware patches on their systems. Double-check that all systems have been properly patched (servers, workstations, and laptops).

**Remind all your users to patch their personal devices.**

More info about the vulnerabilities

The VMware vulnerabilities include use-after-free (UAF) bugs, double-fetch, unauthorized access, and denial of service bugs. While the individual bugs don’t reach the critical level, VMware says the combined bugs should be treated as such because they can be combined to result in higher severity.

  • ESXi, Workstation and Fusion contain:
    • A UAF bug (CVE-2021-22040) in XHCI USB controller that could allow a bad actor with local admin privileges on a virtual machine to execute code as he virtual machine’s VMZ process running on the host.
    • A double-fetch bug (CVE-2021-22041) that could also lead to unauthorized code execution on the virtual machine’s VMX process running on the host.
  • ESXi also contains:
    • An unauthorized access vulnerability (CVE-2021-22042) due to VMX having access to settings authorization tickets. A malicious actor with privileges in the VMX process only could access settings service running as a high priority user.
    • A Time-of-check Time-of-use bug (CVE-2021-22043) that exists in the way temporary files ae handled that could be used to escalate privileges by writing arbitrary files.
    • A slow HTTP Post denial-of-service vulnerability in rhttpproxy that could be used to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.

For more information on workarounds and patching these vulnerabilities, read VMware’s advisory and the company’s associated blog.

If you have any questions or need assistance, please click here to get help.

Ferrilli Security Alert: Google Patches Actively Exploited Chrome Zero-Day Vulnerability

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

Google has released a NEW update for the Chrome browser for Windows, Mac, and Linux, to fix a high-severity, zero-day vulnerability used by threat actors in attacks.

“Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.”

It is it strongly recommended that everyone install yesterday’s (2/15/2022) Google Chrome update as soon as possible.

We’re increasing awareness for our higher education community

Ferrilli is recommending that academic institutions pay close attention to failed patches on their systems and double-check that all systems have been patched (workstations, laptops, and servers). Please remind your faculty, staff, and students to patch their personal devices.

More info about the vulnerability

This is the first Chrome zero-day fix for this year . This vulnerability was discovered by Google’s Threat Analysis Group. While Google said they have detected attacks exploiting this zero-day, it did not share any additional info regarding these incidents or technical details about the vulnerability.

Very few details of the security flaw have been revealed but UAF vulnerabilities typically facilitate attacks such as arbitrary code execution and data corruption in unpatched software and can lead to the takeover of a victim’s machine.

The zero-day, tracked as CVE-2022-0609 is carrying a CVSSv3 score of 9.8/10.

What Version Should You Be On?

The latest stable build (98.0.4758.102) for Windows, Mac, and Linux brings with it a total of 11 security fixes, with many of the highest-severity flaws relating to use after free (UAF) vulnerabilities.

If you have any questions or need assistance, please click here to get help.

Zooming In On Zero-Click Exploits (Patch Your Zoom Software!)

By: Armando D’Onorio (CISSP, GSLC, GCCC), Ferrilli’s Chief Information Security Officer & Senior Consultant

A zero-click attack surface for the popular video conferencing solution Zoom has yielded two security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory.

The weaknesses have been addressed by Zoom as part of their updates. Failure to patch all your systems could provide the needed pivot-point for threat actors to gain access into your network environment.

We’re increasing awareness for our higher education community:

Ferrilli is recommending that academic institutions pay close attention to failed patches on their systems and double-check that all systems have been patched (workstations, laptops, and multimedia router (MMR) servers). Also, remind your faculty, staff, and students to patch their personal devices.

More info about the vulnerabilities:

A zero-click attack against the Windows Zoom client was revealed at Pwn2Own (a security event designed to identify and flag vulnerabilities before they’re exploited by threat actors) showing that it does indeed have a fully remote attack surface. This resulted in two vulnerabilities being reported to Zoom. One was a buffer overflow that affected both Zoom clients and MMR servers, and one was an info leak that is only useful to attackers on MMR servers.

Here are the CVE numbers associated with the two flaws that were identified:

  • CVE-2021-34423 (CVSS score: 9.8) – A buffer overflow vulnerability that can be leveraged to crash the service or application or execute arbitrary code.
  • CVE-2021-34424 (CVSS score: 7.5) – A process memory exposure flaw that could be used to potentially gain insight into arbitrary areas of the product’s memory.

Goal of a zero-click attack:

For threat actors to stealthily gain control over the victim’s device without requiring any kind of interaction from the user (such as clicking on a link). A key trait of zero-click hacks is their ability not to leave behind traces of malicious activity, making them very difficult to detect.

If you have any questions or need assistance, please click here.