June 2020


Who is Microsoft security for?

I’ve written before of the innovation, ingenuity, coverage and effectiveness of the Microsoft security stack and I’m in no doubt that they have one of the very best “end-to-end” security control and visibility solutions available. So much for that then, but who is the intended consumer? I come across some understandable confusion when talking to […]

Post-Webinar Summary: Why Collaborate?

At the beginning of the year, we announced at our annual Cyber Summit our vision and theme for 2020: Collaboration. At ITC, we believe that we defend better when we defend together. Halfway through the year and in the midst of a global pandemic, who knew that word would become so prevalent? Last week, on […]

106 MALICIOUS CHROME EXTENSIONS TAKEN OFFLINE

Priority: Medium Executive Summary: Google have removed 106 browser extensions from the Chrome Web Store after they were found to be malicious. The extensions are said to have posed as a variety of tools, such as file conversion tools and even security scanners. However, analysis of the extensions’ behaviour and code indicates that they had ulterior […]

SMBLEED AND MICROSOFT PATCH TUESDAY

Priority: Critical Executive Summary: Researchers at ZecOps have publicly disclosed a Proof of Concept (PoC) for a vulnerability that they discovered in SMBv3 whilst investigating SMBGhost [1]. They have named this vulnerability SMBleed (CVE-2020-1206). Although, by itself, exploiting the vulnerability only achieves information disclosure, the researchers have combined the attacks of SMBleed (as advised yesterday) […]

SMBGHOST (CVE-2020-0796) REMOTE CODE EXECUTION PROOF OF CONCEPT

Priority: Critical Executive Summary: A functional remote code execution (RCE) proof of concept has been publicly released for CVE-2020-0796 (a.k.a. SMBGhost, NexternalBlue, CoronaBlue). Previous research was only able to achieve local privilege escalation (LPE).[1] SMBGhost is caused by a flaw in the SMBv3 protocol that mishandles certain requests. An unauthenticated attacker can target an SMBv3 […]

To CISO or CISOaaS, that is the question

Data has become one of the most valuable currencies in the world that we now work and live in. Cyber-attacks are becoming more frequent, with no end in sight to the task of stopping cyber-criminals. In a digital world where technology evolves rapidly and data use and consumption are on the rise, there is an increasing threat […]