CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a 'grave risk' to critical infrastructure, government and private sector organizations.

Continue Reading CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Microsoft has released the October 2020 Security updates that includes patches for 87 vulnerabilities, 11 of them rated Critical. The update also includes a patch for a Critical "Bad Neighbor" vulnerability and two out-of-band patches.

Continue Reading Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon

The Cybersecurity and Infrastructure Security Agency (CISA) issued a new security advisory warning of publicly available exploit code for a Microsoft Netlogon vulnerability CVE-2020-1472. Researchers have dubbed the vulnerability 'Zerologon' that could allow attackers to hijack Windows domain controllers.

Continue Reading Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon