Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Trump Campaign Site Hacked – What We Know & Lessons Learned

This entry was posted on October 27, 2020 by Mark Maunder

On October 27, 2020 at approximately 4:50pm Mountain Time, Donald Trump’s campaign website, www.donaldjtrump.com, was defaced. The attackers left a message claiming they had compromising information on President Trump. The defacement page contained two Monero cryptocurrency wallet IDs encouraging visitors to “vote” by sending cryptocurrency to the wallets, indicating that if the first wallet received more money than the second wallet, the attackers would release this compromising information.  Full Story…

CISA Election Security Alert: Threat Actors Compromise ‘Election Support Systems’

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a new joint alert about nation-state linked cyberattacks targeting both organizations and government agencies. And with very little daylight left between now and election day, CISA says the threat actors have managed to access “election support systems.” If you’re a nation-state cyber actor, what is better than a known… Read more

Fuzzing (fuzz testing) tutorial: What it is and how can it improve application security?

Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what Fuzzing is and how companies can use it to improve application security and speed up their software development life cycle.

Watch Out For Brushing Scams!

Remember when mysterious seeds from China began arriving on doorsteps this summer? Authorities call this a brushing scam, defined as when people are sent products they didn’t order so the company can post fake customer reviews to boost sales. The boxes typically have no return address and contain lightweight, cheap-to-ship items.  Read  more…

Robot boats from MIT can now carry passengers

The latest “Roboat” is an autonomous vehicle that’s about six feet long and is being tested for use in Amsterdam.

Microsoft Warns of Continued Exploitation of CVE-2020-1472

Original release date: October 29, 2020

Microsoft has released a blog post on cyber threat actors exploiting CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access. The Cybersecurity and Infrastructure Security Agency (CISA) has observed nation state activity exploiting this vulnerability. This malicious activity has often, but not exclusively, been directed at federal and state, local, tribal, and territorial (SLTT) government networks.

CISA urges administrators to patch all domain controllers immediately—until every domain controller is updated, the entire infrastructure remains vulnerable, as threat actors can identify and exploit a vulnerable system in minutes. CISA has released a patch validation script to detect unpatched Microsoft domain controllers. If there is an observation of CVE-2020-1472 Netlogon activity or other indications of valid credential abuse detected, it should be assumed that malicious cyber actors have compromised all identity services.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.