Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Microsoft has released the October 2020 Security updates that includes patches for 87 vulnerabilities, 11 of them rated Critical. The update also includes a patch for a Critical "Bad Neighbor" vulnerability and two out-of-band patches.

Continue Reading Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon

The Cybersecurity and Infrastructure Security Agency (CISA) issued a new security advisory warning of publicly available exploit code for a Microsoft Netlogon vulnerability CVE-2020-1472. Researchers have dubbed the vulnerability 'Zerologon' that could allow attackers to hijack Windows domain controllers.

Continue Reading Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Continue Reading Chinese threat actors targeting U.S. government agencies and these 4 CVEs

BIND and Microsoft DNS security updates

The Internet Systems Consortium (ISC) has released two security updates that fix vulnerabilities on multiple versions of BIND. In addition, Microsoft also issued a new DNS security advisory and workaround. The flaws could allow a remote attacker to exploit and cause a denial of service condition.

Continue Reading BIND and Microsoft DNS security updates