TTCSIRT-350.09.03.20: TT-CSIRT ADVISORY – Ransomware families LockBit, Maze headline ransomware

Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape over the past quarter, according to a new report. Infections involved a wide variety of malware families including LockBit and Maze, among others. Sixty-six percent of all ransomware attacks this quarter involved the red-teaming framework Cobalt Strike, suggesting that ransomware actors are increasingly relying […]

TTCSIRT-348.08.31.20: TT-CSIRT ADVISORY – Cisco’s active IOS XR zero-day exploit

Cisco warns of a new zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment. The vulnerability, tracked as CVE-2020-3566, impacts the Distance Vector Multicast Routing Protocol (DVMRP) feature that ships with the IOS XR version of the operating system. This version of the OS is usually installed on carrier-grade and […]

TTCSIRT-347.08.28.20: TT-CSIRT ADVISORY – ATutor SQL Injection

An SQL injection vulnerability exists in ATutor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system. This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator’s interface where they […]

TTCSIRT-345.08.28.20: TT-CSIRT ADVISORY – VMware ESXi, vCenter Server, and Cloud Foundation denial of services

A vulnerability was found in VMware ESXi and vCenter Server (Server Management Software) (the affected version is unknown). It has been declared as problematic. This vulnerability affects some unknown functionality of the component Authentication Service. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is […]

TTCSIRT-344.08.24.20: TT-CSIRT ADVISORY – ISC Releases Security Advisories for BIND

ISC has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following ISC advisories for more information and to apply the necessary […]

TTCSIRT-342.08.24.20: TT-CSIRT ADVISORY – BLINDINGCAN Malware

On August 19, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) publicly released a Malware Analysis Report (MAR) and associated samples labeled BLINDINGCAN. The information contained in the report is the result of analytic efforts between the Department of Homeland Security (DHS) and the FBI to provide technical […]

TTCSIRT-340.08.20.20: TT-CSIRT ADVISORY – Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2

Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two recently disclosed security vulnerabilities. Tracked as CVE-2020-1530 and CVE-2020-1537, both flaws reside in the Remote Access Service (RAS) in the way it manages memory and file operations and could let remote attackers gain elevated […]