Daily NCSC-FI news followup 2020-07-14

Microsoft July 2020 Patch Tuesday: 123 vulnerabilities, 18 Critical!

www.bleepingcomputer.com/news/microsoft/microsoft-july-2020-patch-tuesday-123-vulnerabilities-18-critical/ This Patch Tuesday is the second-largest update ever, with the largest one being issued in June 2020 with 129 fixes.

17-Year-Old Critical ‘Wormable’ RCE Vulnerability Impacts Windows DNS Servers

thehackernews.com/2020/07/windows-dns-server-hacking.html Microsoft patched today a new highly critical “wormable” vulnerability – carrying a severity score of 10 out of 10 on the CVSS scale – affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw (CVE-2020-1350), dubbed ‘SigRed’ by Check Point, could allow an unauthenticated, remote attacker to gain domain administrator privileges. See also:

msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/

Adobe fixes critical bugs in Creative Cloud, Media Encoder

www.bleepingcomputer.com/news/security/adobe-fixes-critical-bugs-in-creative-cloud-media-encoder/ Adobe has released security updates to address four critical vulnerabilities that could allow attackers to execute arbitrary code and write arbitrary files on Windows devices running vulnerable versions of Creative Cloud, Adobe Download Manager, and Adobe Media Encoder.

Britain declares ban on Huawei in 5G networks – Nokia and Ericsson immediately ready as replacements

www.kauppalehti.fi/uutiset/kl/a8df18ea-00e2-46d2-ad6f-5aeb4a9c5ec5 The British government has reversed its earlier decision and will ban purchases of new 5G equipment from the Chinese company Huawei at the end of the year. The decision will delay network construction and add costs of up to a couple of billion pounds.

Data protection problem in the Trade Register's information service, data of 144 people displayed erroneously

yle.fi/uutiset/3-11446744 The Trade Register holds the personal data of nearly 1.6 million people. According to PRH, the fault was caused by a software bug. The fault began as early as 16 June, but it was not noticed until 6 July. The service was shut down immediately.

Catalan leader suspects the Spanish state of spying – according to cyber researchers, Roger Torrent's phone had spyware on it

yle.fi/uutiset/3-11446945 The spyware in question is Pegasus, developed by the Israeli company NSO, which could apparently be installed on the phone through a vulnerability in the WhatsApp messaging app. Torrent was warned about the spyware by a cybersecurity company that investigated the matter on behalf of WhatsApp.

Just 21% of security pros haven’t considered quitting their current job

www.theregister.com/2020/07/14/infosec_job_change/ Almost one in five infosec pros have quit a job due to overwork or burnout caused by the constant pressure of keeping things safe and doing so without the resources to counter ever-evolving threats. Some 18 per cent [n=445] said they had personally walked out of a role permanently because of burnout; 36 per cent professed to knowing someone that had left due to it; and another 25 per cent claimed they had considered it.
