TTCSIRT-367.10.14.20: TT-CSIRT ADVISORY – Adobe Security Updates for Flash Player

TTCSIRT-366.10.14.20: TT-CSIRT ADVISORY – Apache Tomcat Security Updates

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to obtain sensitive information.  Administrators are encouraged to review Apache Security Advisory for CVE-2020-13943 and upgrade to the appropriate version. For further information and support, please visit the following link:Apache Security updates

TTCSIRT-363.09.25.20: TT-CSIRT ADVISORY – LokiBot Malware

There has been a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020. Throughout this period, CISA’s EINSTEIN Intrusion Detection System has detected persistent malicious LokiBot activity. LokiBot uses a credential- and information-stealing malware, often sent as a malicious attachment and known for being simple, yet effective, making it […]

TTCSIRT-361.09.25.20: TT-CSIRT ADVISORY – Apple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators need to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 11.4 macOS Catalina 10.15.7, Security Update 2020-005 High […]

TTCSIRT-360.09.15.20: TT-CSIRT ADVISORY – Iran-Based Threat Actor Exploits VPN Vulnerabilities

An analysis of threat actor’s indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) indicates a correlation with the group known by the names, Pioneer Kitten and UNC757. This Iran-based threat actor has been observed exploiting several publicly known Common Vulnerabilities and Exposures (CVEs) dealing with Pulse Secure virtual private network (VPN), Citrix NetScaler, […]

TTCSIRT-359.09.15.20: TT-CSIRT ADVISORY – Netlogon Remote Protocol Vulnerability

There is a publicly available exploit code for CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. Although Microsoft provided patches for CVE-2020-1472 in August 2020, unpatched systems will be an attractive target for malicious actors. Attackers could exploit this vulnerability to obtain domain administrator access. For further information and support, please visit the following link:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 […]

TTCSIRT-358.09.09.20: TT-CSIRT ADVISORY – Google Releases Security Updates for Chrome

Google has released Chrome version 85.0.4183.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. For further information and support, please visit the following link:https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT […]