In light of the ongoing Emotet malware campaign and the reports of threat actors exploiting the BlueKeep vulnerability, TTCSIRT has developed the following response plan in the event your organization becomes infected with ransomware: Isolate the infected computer(s) immediately – Infected systems should be removed from the network as soon as possible to prevent the […]
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following releases from Cisco and apply the necessary solutions. Issues addressed include the following high level vulnerabilities: CVE-2019-15958 – […]
There are confirmed reports that the BlueKeep RDP flaw in Windows based systems is now being actively exploited in the wild. BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol implementation, which allows for the possibility of remote code execution. BlueKeep has the potential to cause significant damage like the […]
Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) is a zero day as it was detected in exploits in the wild. TTCSIRT encourages users and administrators to review the following release […]
The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. ACSC provides indicators of compromise (IOCs) and recommendations to help organizations defend against […]
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). BIND is the most common implementation of the DNS protocol on the Internet. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information or cause a denial of service. TTCSIRT […]
WordPress version 5.2.4 has been released. WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. TTCSIRT encourages users and administrators to review the following publications from WordPress and update your website forthwith: New Release Blog Post: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ How to […]
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following advisories from Adobe and apply the necessary remediation actions forthwith: Adobe Acrobat and Reader for Windows and macOS https://helpx.adobe.com/security/products/acrobat/apsb19-49.html Adobe […]
Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Due to the threat posed by a successful attack, TTCSIRT strongly recommends that administrators apply the Critical Security Patch Update as soon […]
Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This new version addresses vulnerabilities that an attacker could exploit to take control of an affected system. TTCSIRT encourages users and administrators to review the following blog post from Google and update to the latest version of Chrome on all devices. Issues addressed include […]
