MULTIPLE VULNERABILITIES IN IBM SECURITY GUARDIUM INSIGHTS COULD ALLOW FOR PROGRAM COMPROMISE
MULTIPLE VULNERABILITIES IN IBM SECURITY GUARDIUM INSIGHTS COULD ALLOW FOR PROGRAM COMPROMISE Summary: This MS-ISAC advisory is included to advise users of vulnerabilities that affect a network monitoring platform for anomalies. Users of this platform are advised to install patches and use best practices for network security. Posted Date: 08/24/2020 Published Date: 08/24/2020 Source: MS-ISAC […]
FOREIGN ADVERSARIES ARE TARGETING U.S. ELECTIONS WITH DISINFORMATION
FOREIGN ADVERSARIES ARE TARGETING U.S. ELECTIONS WITH DISINFORMATION SUMMARY As the election approaches, foreign adversaries continue to use social media to attempt to influence voters. The attached advisory includes guidance to understand and mitigate the threat. The mitigation guidance includes the following: » Know the source and verify your information » Use official websites and […]
CYBER CRIMINALS TAKE ADVANTAGE OF INCREASED TELEWORK THROUGH VISHING CAMPAIGN
CYBER CRIMINALS TAKE ADVANTAGE OF INCREASED TELEWORK THROUGH VISHING CAMPAIGN SUMMARY With so many organizations adopting work from home and enabling VPN access for employees, it’s no surprise that bad actors are taking advantage and launching advanced attacks. In this advisory, actors are observed using social engineering on employees by setting up fake/similar domains to […]
Mississippi Office of the State Auditor – Ransomware Attack Warning
Mississippi Office of the State Auditor – Ransomware Attack Warning
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers CVE-2020-1350
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17-Year-old Bug in Windows DNS Servers CVE-2020-1350 Check Point released research today of a discovered vulnerability in Microsoft DNS that affects every server version since Server 2003: https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/ This vulnerability is a huge deal. It can be launched remotely, by an unauthenticated user, requiring no […]
