Cisco has released a Critical security update for three vulnerabilities in Small Business RV Routers. An unauthenticated, remote attacker could execute arbitrary code or cause a denial of service (DoS) condition on an unpatched device.
Microsoft has issued guidance on mitigating PetitPotam NTLM relay attacks against Windows domain controllers or other Windows servers.
Samba has released a software update to fix a vulnerability (CVE-2021-20254) that could allow an attacker unauthorized access to files. A remote attacker could take advantage of this bug and exploit unpatched systems.
Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.
A security researcher has developed new proof-of-concept (PoC) code that can exploit an SMBv3 compression remote code execution (RCE) vulnerability CVE-2020-0796 on unpatched Windows systems.
TrickBot recently replaced one of its propagation modules “mworm” with new module named “nworm.” The updated module can exploit vulnerable domain controllers (DCs) and evade detection by running in memory.
Microsoft released the March 2020 Security Updates that include 115 unique vulnerability fixes, 26 of those rated critical. This is the largest patch release in Microsoft’s history. Microsoft also issued guidance and a new security update to fix an SMBv3 RCE vulnerability dubbed SMBGhost.