This entry was posted on October 27, 2020 by Mark Maunder
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a new joint alert about nation-state linked cyberattacks targeting both organizations and government agencies. And with very little daylight left between now and election day, CISA says the threat actors have managed to access “election support systems.” If you’re a nation-state cyber actor, what is better than a known…
Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what fuzzing is and how companies can use it to improve application security and speed up their software development life cycle.
Remember when mysterious seeds from China began arriving on doorsteps this summer? Authorities call this a brushing scam, in which people are sent products they didn’t order so the company can post fake customer reviews to boost sales. The boxes typically have no return address and contain lightweight, cheap-to-ship items.
The latest “Roboat” is an autonomous vehicle that’s about six feet long and is being tested for use in Amsterdam.
Original release date: October 29, 2020
Microsoft has released a blog post on cyber threat actors exploiting CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access. The Cybersecurity and Infrastructure Security Agency (CISA) has observed nation-state activity exploiting this vulnerability. This malicious activity has often, but not exclusively, been directed at federal and state, local, tribal, and territorial (SLTT) government networks.
CISA urges administrators to patch all domain controllers immediately. Until every domain controller is updated, the entire infrastructure remains vulnerable, as threat actors can identify and exploit a vulnerable system in minutes. CISA has released a patch validation script to detect unpatched Microsoft domain controllers. If CVE-2020-1472 Netlogon activity or other indications of valid credential abuse are detected, it should be assumed that malicious cyber actors have compromised all identity services.