Daily NCSC-FI news followup 2020-09-15

Windows Exploit Released For Microsoft Zerologon Flaw

threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/ Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw. Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies' Active Directory domain controllers (DCs). The vulnerability, dubbed Zerologon, is a privilege-escalation glitch (CVE-2020-1472) with a CVSS score of 10 out of 10, making it critical in severity. The flaw was addressed in Microsoft's August 2020 security updates.

Iran-Based Threat Actor Exploits VPN Vulnerabilities

us-cert.cisa.gov/ncas/alerts/aa20-259a CISA and FBI are aware of a widespread campaign from an Iran-based malicious cyber actor targeting several industries mainly associated with information technology, government, healthcare, financial, insurance, and media sectors across the United States. See also: us-cert.cisa.gov/ncas/analysis-reports/ar20-259a

How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM

blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html This new post is about my research this March, which talks about how I found vulnerabilities on a leading Mobile Device Management product and bypassed several limitations to achieve unauthenticated RCE. All the vulnerabilities have been reported to the vendor and got fixed in June.

MFA Bypass Bugs Opened Microsoft 365 to Attack

threatpost.com/flaws-in-microsoft-365s-mfa-access-cloud-apps/159240/ Vulnerabilities that have existed for years in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.

Back Despite Disruption: RedDelta Resumes Operations

www.recordedfuture.com/reddelta-cyber-threat-operations/ In the interim two-month period since previous Insikt Group reporting, RedDelta has largely remained unperturbed by the extensive public reporting on its targeting of the Vatican and other Catholic organizations.

Not for higher education: cybercriminals target academic & research institutions across the world

blog.checkpoint.com/2020/09/15/not-for-higher-education-cybercriminals-target-academic-research-institutions-across-the-world/ Across the USA, Europe and Asia, there was an increase in the number of attacks targeting the education and research sector in recent months.

MITRE releases emulation plan for FIN6 hacking group, more to follow

www.zdnet.com/article/mitre-releases-emulation-plan-for-fin6-hacking-group-more-to-follow/ New MITRE project to provide free emulation plans that mimic major threat actors in order to train and help defenders.

Fingrid raises preparedness due to approaching storm

www.fingrid.fi/sivut/ajankohtaista/tiedotteet/2020/fingrid-nostaa-valmiutta-lahestyvan-myrskyn-vuoksi/ Because of the storm forecast for Finland, the main grid's fault-clearing readiness will be raised starting Wednesday 16.9. at 16:00. The raised readiness state will last until Friday morning 17.9. at 7:00.
