Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Zerologon Attack Targeting Windows Servers
Advisory Overview A critical vulnerability has been discovered which affects potentially all Windows domain controllers and can allow an unauthenticated attacker on the network to take control of an Active Directory domain controller at will. This can allow the attacker...
Cybersecurity Threat Advisory: Microsoft’s Patch Critical RCE Flaws
Advisory Overview Several Remote Code Execution (RCE) security flaws were announced in Microsoft’s patch Tuesday; 129 security bugs to be exact. As remote work increases, the need for RCE security increases and at an overwhelming rate. A strong mitigation tactic...
Cybersecurity Threat Advisory: Palo Alto Buffer Overflow Vulnerability (CVE-2020-2040)
Advisory Overview Palo Alto has released a patch for a buffer overflow remote code execution (RCE) vulnerability for their PAN-OS 8.1, 9.0, and 9.1 versions. The vulnerability can allow threat actors to bypass Multi-Factor Authentication (MFA) and execute potentially malicious...
Cybersecurity Threat Advisory: (DVMRP) Vulnerability Found in Cisco IOS XR
Advisory Overview A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. A successful exploit by such an attacker could...
Cybersecurity Threat Advisory WordPress File Manager Plugin Vulnerability
Advisory Overview A vulnerability has been discovered in a the popular “File Manager” plugin for the content management system WordPress that can allow an unauthenticated remote attacker to create/move a potentially malicious file on a vulnerable host. This can allow...
Cybersecurity Threat Advisory: Major Vishing Campaign
Advisory Overview The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently issued a warning about the growing threat of “vishing” attacks against companies. Vishing (voice phishing) is a social engineering method that uses...
Cybersecurity Threat Advisory: FritzFrog P2P Botnet
Advisory Overview Researchers at Guardicore have identified a peer-to-peer (P2P) botnet, dubbed FritzFrog, brute-forcing SSH servers since January. Once breached, a worm is executed to run malicious payloads which can further expand the botnet by compromising additional devices as well...
Cybersecurity Threat Advisory: Team Viewer Vulnerability
Advisory Overview A vulnerability has been discovered in remote desktop connection application “TeamViewer” that can allow an attacker to steal the login information (username and hashed password) of a user. This can allow the attacker to crack the stolen password...
Cybersecurity Threat Advisory: Two Microsoft Zero-Day Vulnerabilities
Advisory Overview Microsoft has addressed two zero-day vulnerabilities in this week’s rollout of security patches. One of the zero-day vulnerabilities could allow an attacker to bypass security features intended to prevent improperly signed files from being loaded; the other zero-day...
Cybersecurity Threat Advisory: Pulse Secure VPN Server Data Leak
Advisory Overview Over 900+ Pulse VPN servers were breached and had their data leaked online. The data includes plaintext username, passwords, IP addresses, user session cookies, administrator details and private encryption keys. Technical detail and additional information What is the...