Daily NCSC-FI news followup 2020-01-18

Microsoft Issues Mitigation for Actively Exploited IE Zero-Day

www.bleepingcomputer.com/news/security/microsoft-issues-mitigation-for-actively-exploited-ie-zero-day/ Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer. Redmond’s advisory says that the company is aware of “limited targeted attacks” targeting this vulnerability.

Critical zero-day vulnerability in Internet Explorer (CVE-2020-0674)

www.kyberturvallisuuskeskus.fi/fi/kriittinen-nollapaivahaavoittuvuus-internet-explorerissa-cve-2020-0674 Microsoft has published an advisory on a critical vulnerability affecting the script-executing component (scripting engine) of the Internet Explorer browser. No update is available for the vulnerability. Using the vulnerability, an attacker can execute malicious code on the target system with the user's privileges. The vulnerability is being exploited around the world.

Don't Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

blog.trendmicro.com/dont-let-the-vulnera-bullies-win-patch-against-vulnerability-cve-2020-0601-and-do-it-now/ You can download our Trend Micro Vulnerability Assessment Tool right now to see if you are protected against the latest Microsoft vulnerability.

Business in the front, party in the back: backdoors in elastic servers expose private data

blog.malwarebytes.com/threat-spotlight/2020/01/business-in-the-front-party-in-the-back-backdoors-in-elastic-servers-expose-private-data/ Continuing my series on insecure cloud infrastructure, where I previously covered AWS and PACS, I will be going into some detail on elastic servers. Specifically, I will cover a number of cases in which I discovered a common misconfiguration, leading to open backdoors, which expose many records of personal data.

Hackers may have used critical Shellshock bug to breach Georgia election server

arstechnica.com/information-technology/2020/01/a-georgia-election-server-was-vulnerable-to-shellshock-and-may-have-been-hacked/ Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday.

Citrix updates on Citrix ADC, Citrix Gateway vulnerability

www.citrix.com/blogs/2020/01/17/citrix-updates-on-citrix-adc-citrix-gateway-vulnerability/ As you know, we announced a vulnerability and comprehensive mitigations on December 17 for certain versions of Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution. We wanted to share some updates after further review:

The trouble with Microsoft's Troubleshooters

medium.com/@radimre83/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd Recent versions of Windows are equipped with a Troubleshooting feature that can be found in the Control Panel or the new Settings application. You might find this tool useful if you have some trouble with your computer as it can quickly fix some common issues in a user-friendly way. This write up demonstrates an implementation flaw that can be used to compromise a computer where a crafted diagnostic package is opened. Microsoft pushed back providing a fix for the current versions of Windows; to avoid trouble, pay special attention to not open .diagcab files. Mail server operators are recommended to include this file type to their blacklists.
