Search results for: CVE-2019-0604

Patch Tuesday

September 2020 Patch Tuesday: Microsoft fixes over 110 CVEs again

On this September 2020 Patch Tuesday: Microsoft has plugged 129 security holes, including a critical RCE flaw that could be triggered by sending a specially crafted email to an affected Exchange Server installation Adobe has delivered security updates for Adobe Experience Manager, AEM Forms, Framemaker and InDesign Intel has released four security advisories SAP has released 10 security notes and updates to six previously released notes Microsoft’s updates Microsoft has released patches for 129 CVEs, … More

Microsoft SharePoint

Details and PoC for critical SharePoint RCE flaw released

Last week, a “wormable” remote code execution flaw in the Windows DNS Server service (CVE-2020-1350) temporarily overshadowed all the other flaws patched by Microsoft on July 2020 Patch Tuesday, but CVE-2020-1147, a RCE affecting Microsoft SharePoint, was also singled out as critical and requiring a speedy fix. Implementing the offered security updates has since become even more urgent, as more exploitation details and a PoC have been released on Monday. About CVE-2020-1147 CVE-2020-1147 is found … More

Hand

Have you patched these top 10 routinely exploited vulnerabilities?

The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to patch a slew of old and new software vulnerabilities that are routinely exploited by foreign cyber actors and cyber criminals. “Foreign cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations. Exploitation of these vulnerabilities often requires fewer resources as compared with zero-day exploits for which no patches are available,” the agency noted. … More

ransomware

How to thwart human-operated ransomware campaigns?

Most ransomware campaigns hitting healthcare organizations and critical services right now are just the final act of a months-long compromise. “Using an attack pattern typical of human-operated ransomware campaigns, attackers have compromised target networks for several months beginning earlier this year and have been waiting to monetize their attacks by deploying ransomware when they would see the most financial gain,” says the Microsoft Threat Protection Intelligence Team. Organizations who have yet to witness the final … More

snake

Web shell malware continues to evade many security tools

Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn. What are web shells? Web shells are malicious scripts that are uploaded to target systems (usually web servers) to enable attackers to control it remotely. In affect, they create a backdoor into the target system. The threat is not limited to internet-facing web servers, though, and can be deployed … More

United Nations

UN hacked: Attackers got in via SharePoint vulnerability

In summer 2019, hackers broke into over 40 (and possibly more) UN servers in offices in Geneva and Vienna and downloaded “sensitive data that could have far-reaching repercussions for staff, individuals, and organizations communicating with and doing business with the UN,” The New Humanitarian reported on Wednesday. The UN, unfortunately, did not share that discovery with the authorities, the public, or even the potentially affected staff, and we now know about it only because TNH … More

Intel CPU

Week in review: New Intel CPU vulnerabilities, SharePoint servers under attack

Here’s an overview of some of last week’s most interesting news and articles: High-risk vulnerability in Cisco’s secure boot process impacts millions of devices Red Balloon Security has discovered a high-risk vulnerability in Cisco’s secure boot process which impacts a wide range of Cisco products in use among enterprise and government networks, including routers, switches and firewalls. Tips to spring clean your company’s social media and stay protected Spring is a great time for organizations … More

Microsoft SharePoint

SharePoint servers under attack through CVE-2019-0604

CVE-2019-0604, a critical vulnerability opening unpatched Microsoft SharePoint servers to attack, is being exploited by attackers to install a web shell. The web shell allows them to achieve continuous access to the system and, potentially, to the internal network on which it resides. According to the Canadian Centre for Cyber Security, researchers have identified compromised systems belonging to the academic, utility, heavy industry, manufacturing and technology sectors. About CVE-2019-0604 SharePoint is a web-based collaborative platform … More

patch

February 2019 Patch Tuesday: PrivExchange hole plugged

For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe Flash security update (ADV190003, which carries a fix for CVE-2019-7090, an information disclosure flaw in Adobe Flash Player), and the latest servicing stack updates (ADV990001). Previously disclosed and exploited vulnerabilities “Two vulnerabilities were publicly disclosed previous to today’s releases,” notes Greg Wiseman, senior security researcher for Rapid7. “CVE-2019-0686, … More