As more organizations move towards telecommuting (work from home) in an attempt to curtail the spread of COVID-19, the U.S. Cyber and Infrastructure Security Agency (CISA) has issued guidelines for securing enterprise VPN systems. TT-CSIRT encourages all organizations to review the CISA Alert (AA20-073A) and take the necessary actions.
Microsoft has published an advisory for a critical remote code execution (RCE) vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3). This vulnerability affects both SMB servers and SMB clients. .This vulnerability evokes memories of EternalBlue, an RCE vulnerability in Microsoft SMBv1 that was used as part of the WannaCry ransomware attacks in 2017. (Satnam Narang, …
A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient control over system memory allocation. An attacker could exploit this vulnerability by sending …
Tomcat has released security updates to address vulnerabilities affecting multiple products. This update for tomcat to version 9.0.31 fixes the following three (3) issues: CVE-2019-17569, CVE-2020-1935 and CVE-2020-1938. TT-CSIRT encourages users and administrators to review and apply the necessary updates: https://www.suse.com/support/update/announcement/2020/suse-su-20200598-1
The most popular free certificate signing authority Let’s Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software. The most popular free certificate signing authority Let’s Encrypt is going to revoke more than 3 million TLS certificates within …