Daily NCSC-FI news followup 2021-05-04

Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws

labs.sentinelone.com/cve-2021-21551-hundreds-of-millions-of-dell-computers-at-risk-due-to-multiple-bios-driver-privilege-escalation-flaws/ SentinelLabs has discovered five high severity flaws in Dell’s firmware update driver impacting Dell desktops, laptops, notebooks and tablets since 2009. Attackers may exploit these vulnerabilities to locally escalate to kernel-mode privileges. Dell has released a security update to its customers to address this vulnerability: www.dell.com/support/kbdoc/fi-fi/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability

Also: threatpost.com/dell-kernel-privilege-bugs/165843/

Also: www.forbes.com/sites/thomasbrewster/2021/05/04/warning-hundreds-of-millions-at-risk-from-12-year-old-vulnerabilities-lying-deep-in-dell-pcs/?sh=492ec6e263b3

Critical 21Nails Exim bugs expose millions of servers to attacks

www.bleepingcomputer.com/news/security/critical-21nails-exim-bugs-expose-millions-of-servers-to-attacks/ Critical vulnerabilities in the Exim mail transfer agent (MTA) software allow unauthenticated remote attackers to execute arbitrary code and gain root privilege on mail servers with default or common configurations. All Exim versions released since 2004 are impacted.

Qualys: blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server/

Also: therecord.media/21nails-vulnerabilities-impact-60-of-the-internets-email-servers/

Belgium’s government network goes down after massive DDoS attack

therecord.media/belgiums-government-network-goes-down-after-massive-ddos-attack/ Most of the Belgian government’s IT network has been down today after a massive distributed denial of service (DDoS) attack knocked offline both internal systems and public-facing websites. The attack targeted Belnet, a government-funded ISP that provides internet connectivity for Belgian government organizations, such as its Parliament, educational institutes, ministries, and research centers.

Belnet: status.belnet.be/incidents/71

Spectre attacks come back from the dead

blog.malwarebytes.com/exploits-and-vulnerabilities/2021/05/spectre-attacks-come-back-from-the-dead/ New research has discovered Spectre attacks that bypass existing mitigations. The research claims that all modern AMD and Intel chips with micro-op caches are vulnerable to Spectre-style attacks. The good news is that exploiting Spectre vulnerabilities isn’t easy. It will require an enormous amount of knowledge about the processor at hand and a lot of luck to find any specific information an attacker could be looking for.

Boystown, dark web child abuse image website with 400,000 members, shut down by police

grahamcluley.com/boystown-dark-web-child-abuse-image-website-with-400000-members-shut-down-by-police/
