2020 - Page 9 of 30

Samba addresses Critical Zerologon vulnerability

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 22, 2020 / CVE-2020-1472, Samba, Zerologon

In the wake of a Microsoft Windows Netlogon vulnerability exploit and patch, Samba also released a security update for the vulnerability dubbed Zerologon.

Samba addresses Critical Zerologon vulnerability Read More »

The top 3 endpoint threats used in 2020 cyberattacks

Cybersecurity Articles, Cybersecurity Attacks, Endpoint Security, Malware, System Hardening, Vulnerabilities & Exploits / Frank Crast / September 22, 2020 / ATT&CK, BlueKeep, Cisco, CobaltStrike, credentials, CVE-2019-0708, Divergent, Emotet, FASTCash, GALLIUM, HIDDEN COBRA, IOT, Metasploit, Mimikatz, MITRE, PowerSHell, Powersploit

Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.

The top 3 endpoint threats used in 2020 cyberattacks Read More »

Drupal fixes Critical XSS bug and 4 other vulnerabilities

Application Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 17, 2020 / CVE-2020-13666, CVE-2020-13667, CVE-2020-13668, CVE-2020-13669, CVE-2020-13670, Drupal, XSS

Drupal has released security updates that fix a Critical XSS bug and 4 other vulnerabilities in multiple versions of Drupal. A remote attacker could exploit these vulnerabilities to compromise an affected system.

Drupal fixes Critical XSS bug and 4 other vulnerabilities Read More »

Apple releases iOS 14.0 with new privacy features and security updates for multiple products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 17, 2020 / Apple, Catalina, iOS, iOS 14, iPadOS, Safari, tvOS, watchOS, Xcode

Apple has released security updates to address vulnerabilities in iOS 14.0, iPadOS 14.0, watchOS 7.0, Safari 14.0, tvOS 14.0 and Xcode 12.0. Apple also added new Privacy features for iOS 14.0.

Apple releases iOS 14.0 with new privacy features and security updates for multiple products Read More »

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 15, 2020 / CVE-2020-1472, Domain Controller, Microsoft, MS-NRPC, Netlogon, Windows

The Cybersecurity and Infrastructure Security Agency (CISA) issued a new security advisory warning of publicly available exploit code for a Microsoft Netlogon vulnerability CVE-2020-1472. Researchers have dubbed the vulnerability ‘Zerologon’ that could allow attackers to hijack Windows domain controllers.

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon Read More »

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / September 15, 2020 / BIG-IP, Citrix, CVE-2019-11510, CVE-2019-19781, CVE-2020-0688, CVE-2020-5902, DHS, Exchange, F5, Microsoft, MSS, Pulse Secure, VPN

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs Read More »

Palo Alto Networks fixes Critical PAN-OS vulnerability (CVE-2020-2040)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 14, 2020 / buffer overflow, CVE-2020-2040, DOS, PAN-OS, XSS

Palo Alto Networks has fixed a Critical buffer overflow vulnerability that could allow an attacker to execute remote code as root on PAN-OS devices, along with multiple other High severity issues.

Palo Alto Networks fixes Critical PAN-OS vulnerability (CVE-2020-2040) Read More »

2020 Threat Landscape Report reveals new themes and evolving threats

Cybersecurity Articles, Cybersecurity Attacks, Internet of Things (IoT), Malware / Frank Crast / September 13, 2020 / AgentTesla, Android, banking, Coronavirus, COVID-19, Cryptocurrency, Dridex, Emotet, EOL, Fileless, FritzFrog, IOT, KryptoCibule, Maze, Snake, Trickbot, VPN

Security firm Bitdefender published its mid-year Threat Landscape Report 2020 that reveals how cybersecurity threats and malware play on the pandemic theme.

2020 Threat Landscape Report reveals new themes and evolving threats Read More »

Equinix discloses ransomware incident

Cybersecurity Attacks, Malware / Frank Crast / September 10, 2020 / data center, Equinix, malware, Ransomware

Equinix, a leader in global colocation data centers, disclosed it experienced a ransomware incident that affected internal systems.

Equinix discloses ransomware incident Read More »

Microsoft September 2020 Security and Adobe Updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 9, 2020 / ASP.NET, Azure DevOps, ChakraCore, CVE-2020-0878, CVE-2020-0908, CVE-2020-0922, CVE-2020-0997, CVE-2020-1057, CVE-2020-1129, CVE-2020-1172, CVE-2020-1182, CVE-2020-1200, CVE-2020-1210, CVE-2020-1252, CVE-2020-1285, CVE-2020-1319, CVE-2020-1452, CVE-2020-1453, CVE-2020-1460, CVE-2020-1508, CVE-2020-1576, CVE-2020-1593, CVE-2020-1595, CVE-2020-16857, CVE-2020-16862, CVE-2020-16874, CVE-2020-16875, Edge, Exchange Server, Internet Explorer, Microsoft Dynamics, Microsoft JET Database Engine, Microsoft Office, OneDrive, SQL Server, Visual Studio, Windows

Microsoft has released the September 2020 Security updates that includes patches for 129 vulnerabilities, 24 of them rated Critical. Adobe also released updates for Experience Manager, Framemaker and InDesign.

Microsoft September 2020 Security and Adobe Updates Read More »