TTCSIRT-342.08.24.20: TT-CSIRT ADVISORY – BLINDINGCAN Malware
On August 19, 2020, The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) publicly released a Malware Analysis Report (MAR) and associated samples labeled BLINDINGCAN.…
Read MoreTTCSIRT-341.08.24.20: TT-CSIRT ADVISORY – Vulnerability in Thales Product
IBM researchers have discovered a new IoT vulnerability that can be exploited remotely. The manufacturer, Thales, has made a patch available for CVE-2020-15858 to customers and X-Force Red has been…
Read MoreTTCSIRT-340.08.20.20: TT-CSIRT ADVISORY – Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2
Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities. Tracked as CVE-2020-1530 and CVE-2020-1537,…
Read MoreTTCSIRT-339.08.19.20: TT-CSIRT ADVISORY – Google Chrome Zero-Day That Allow Attackers To Fully Bypass CSP Rules
A Zero-day vulnerability has been affecting the Chromium-based browsers like Chrome, Opera, Edge – on Windows, Mac, and Android. And more importantly, they are allowing the attackers to completely bypass…
Read MoreTTCSIRT-338.08.19.20: TT-CSIRT ADVISORY – Microsoft Windows Kernel Information Disclosure
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieveinformation that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker…
Read MoreTTCSIRT-337.08.19.20: TT-CSIRT ADVISORY – Microsoft Internet Explorer Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that…
Read More