There are confirmed reports that the BlueKeep RDP flaw in Windows based systems is now being actively exploited in the wild. BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol implementation, which allows for the possibility of remote code execution. BlueKeep has the potential to cause significant damage like the …
Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) is a zero day as it was detected in exploits in the wild. TTCSIRT encourages users and administrators to review the following release …
The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. ACSC provides indicators of compromise (IOCs) and recommendations to help organizations defend against …
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). BIND is the most common implementation of the DNS protocol on the Internet. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information or cause a denial of service. TTCSIRT …
WordPress version 5.2.4 has been released. WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. TTCSIRT encourages users and administrators to review the following publications from WordPress and update your website forthwith: New Release Blog Post: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ How to …
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following advisories from Adobe and apply the necessary remediation actions forthwith: Adobe Acrobat and Reader for Windows and macOS https://helpx.adobe.com/security/products/acrobat/apsb19-49.html Adobe …
Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Due to the threat posed by a successful attack, TTCSIRT strongly recommends that administrators apply the Critical Security Patch Update as soon …
Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This new version addresses vulnerabilities that an attacker could exploit to take control of an affected system. TTCSIRT encourages users and administrators to review the following blog post from Google and update to the latest version of Chrome on all devices. Issues addressed include …
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. TTCSIRT encourages users and administrators to review the following advisories from Intel and apply the necessary remediation actions: CVE-2019-14569 – Potential security vulnerabilities in system …
The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. Affected applications include those by Fortinet, Palo Alto and Pulse Secure. TTCSIRT encourages users and administrators to read the NCSC alert for more information and see the following …