MULTIPLE VULNERABILITIES IN IBM SECURITY GUARDIUM INSIGHTS COULD ALLOW FOR PROGRAM COMPROMISE

MULTIPLE VULNERABILITIES IN IBM SECURITY GUARDIUM INSIGHTS COULD ALLOW FOR PROGRAM COMPROMISE  Summary: This MS-ISAC advisory is included to advise users of vulnerabilities that affect a network monitoring platform for anomalies. Users of this platform are advised to install patches and use best practices for network security. Posted Date: 08/24/2020 Published Date: 08/24/2020 Source: MS-ISAC […]

FOREIGN ADVERSARIES ARE TARGETING U.S. ELECTIONS WITH DISINFORMATION

FOREIGN ADVERSARIES ARE TARGETING U.S. ELECTIONS WITH DISINFORMATION  SUMMARY As the election approaches, foreign adversaries continue to use social media to attempt to influence voters. The attached advisory includes guidance to understand and mitigate the threat. The mitigation guidance includes the following: » Know the source and verify your information  » Use official websites and […]

CYBER CRIMINALS TAKE ADVANTAGE OF INCREASED TELEWORK THROUGH VISHING CAMPAIGN

CYBER CRIMINALS TAKE ADVANTAGE OF INCREASED TELEWORK THROUGH VISHING CAMPAIGN  SUMMARY With so many organizations adopting work from home and enabling VPN access for employees, it’s no surprise that bad actors are taking advantage and launching advanced attacks. In this advisory, actors are observed using social engineering on employees by setting up fake/similar domains to […]

SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers CVE-2020-1350

SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17-Year-old Bug in Windows DNS Servers CVE-2020-1350 Check Point released research today of a discovered vulnerability in Microsoft DNS that affects every server version since Server 2003: https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/   This vulnerability is a huge deal. It can be launched remotely, by an unauthenticated user, requiring no […]