Windows Exploit Released For Microsoft Zerologon Flaw
threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/ Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw. Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies' Active Directory domain controllers (DCs). The vulnerability, dubbed Zerologon, is a privilege-escalation glitch (CVE-2020-1472) with a CVSS score of 10 out of 10, making it critical in severity. The flaw was addressed in Microsoft's August 2020 security updates.
Iran-Based Threat Actor Exploits VPN Vulnerabilities
us-cert.cisa.gov/ncas/alerts/aa20-259a CISA and FBI are aware of a widespread campaign from an Iran-based malicious cyber actor targeting several industries mainly associated with information technology, government, healthcare, financial, insurance, and media sectors across the United States.
How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM
blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html This new post is about my research this March, which talks about how I found vulnerabilities on a leading Mobile Device Management product and bypassed several limitations to achieve unauthenticated RCE. All the vulnerabilities have been reported to the vendor and got fixed in June.
MFA Bypass Bugs Opened Microsoft 365 to Attack
threatpost.com/flaws-in-microsoft-365s-mfa-access-cloud-apps/159240/ Vulnerabilities that have existed for years in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.
Back Despite Disruption: RedDelta Resumes Operations
www.recordedfuture.com/reddelta-cyber-threat-operations/ In the interim two-month period since previous Insikt Group reporting, RedDelta has largely remained unperturbed by the extensive public reporting on its targeting of the Vatican and other Catholic organizations.
Not for higher education: cybercriminals target academic & research institutions across the world
blog.checkpoint.com/2020/09/15/not-for-higher-education-cybercriminals-target-academic-research-institutions-across-the-world/ Across the USA, Europe and Asia, there was an increase in the number of attacks targeting the education and research sector in recent months.
MITRE releases emulation plan for FIN6 hacking group, more to follow
www.zdnet.com/article/mitre-releases-emulation-plan-for-fin6-hacking-group-more-to-follow/ New MITRE project to provide free emulation plans that mimic major threat actors in order to train and help defenders.
Fingrid raises readiness due to approaching storm
www.fingrid.fi/sivut/ajankohtaista/tiedotteet/2020/fingrid-nostaa-valmiutta-lahestyvan-myrskyn-vuoksi/ Because of the storm forecast for Finland, the main grid's fault-clearing readiness will be raised starting Wednesday 16 September at 16:00. The raised state of readiness will last until Friday morning, 17 September at 07:00.