Mississippi Office of the State Auditor – Ransomware Attack Warning
Mississippi Office of the State Auditor – Ransomware Attack Warning
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers CVE-2020-1350
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17-Year-old Bug in Windows DNS Servers CVE-2020-1350 Check Point released research today of a discovered vulnerability in Microsoft DNS that affects every server version since Server 2003: https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/ This vulnerability is a huge deal. It can be launched remotely, by an unauthenticated user, requiring no […]
Amazon walks back email requiring employees to remove Tik-Tok app from mobile devices
Amazon walks back email requiring employees to remove Tik-Tok app from mobile devices The popular app Tik-Tok has been banned (or at least heavily scrutinized) by many organizations, notably the US Government for privacy concerns related to data leakage back to China. The disclosure relates to the unauthorized usage of data placed on the clipboard […]
US Local Government Services Targeted by New Magecart Credit Card Skimming Attack
US Local Government Services Targeted by New Magecart Credit Card Skimming Attack Trend Micro reveals a credit card skimming attack on municipality websites that use Click2Gov and had MageCart vulnerabilities for their credit card payment systems. Organizations must be vigilant with vulnerability and patch management. These attacks are expected to continue. Link to story: US […]
MULTIPLE VULNERABILITIES IN NETGEAR PRODUCTS COULD ALLOW FOR REMOTE CODE EXECUTION
MULTIPLE VULNERABILITIES IN NETGEAR PRODUCTS COULD ALLOW FOR REMOTE CODE EXECUTION Summary: Netgear has published several vulnerabilities in their firmware that allow for remote code execution. Successful exploitation can result in the attacker gaining full control of the system. Failed attempts to exploit may cause Denial of Service. Customers are advised to upgrade immediately. We […]
