CRITICAL F5 BIG-IP AND BIG-IQ VULNERABILITIES

Priority: Critical

Summary: Enterprise networking vendor F5 Networks has released details of multiple critical remote code execution (RCE) vulnerabilities affecting most versions of BIG-IP and BIG-IQ. F5 is urging all customers to update their deployments as soon as possible. [1] The four most critical vulnerabilities include a pre-authentication RCE vulnerability, which would allow an unauthenticated […]

Cloud Security Firm Qualys Falls Victim to Cyber Attack

Priority: High

Summary: On March 3rd 2021, a group known as Clop leaked files which appeared to originate from vulnerability management provider Qualys. These included documents such as purchase orders and scan reports [1]. Qualys later released a statement explaining that they were aware of the issue and that they believe it relates to a […]

Hafnium Targeting Exchange Servers

Priority: Critical

Summary: On 2nd March Microsoft released a number of fixes for vulnerabilities affecting on-premises installations of Exchange Server. The vulnerabilities are being actively exploited by an Advanced Persistent Threat Microsoft have dubbed ‘Hafnium’. [1] Customers should apply these patches immediately and monitor their Exchange Server deployments for any sign of compromise. Exchange Online […]

Critical Remote Code Execution Vulnerability In vSphere Client

Priority: Critical

Summary: VMware published a security advisory on Tuesday, 23rd February describing three vulnerabilities affecting their vCenter Server, ESXi and Cloud Foundation products (VMSA-2021-0002). Of the three vulnerabilities, CVE-2021-21972 is the most critical with a CVSSv3 score of 9.8 out of 10. This is an unauthenticated remote code execution (RCE) vulnerability found in the HTML5 […]

Windows TCP IP Remote Code Execution

Priority: Critical

Summary: On 9th February Microsoft released a number of fixes for vulnerabilities in Windows’ TCP/IP implementation, including two that can lead to remote code execution (RCE). [1] The associated CVE references are CVE-2021-24074 [2], CVE-2021-24094 [3], and CVE-2021-24086 [4]. The first two represent the RCE vulnerabilities, and the third is a denial of service (DoS) vulnerability. Microsoft state […]

Solarwinds Supply Chain Attack (Sunburst Malware)

Priority: Critical

Executive Summary: A highly sophisticated attack using a trojanised version of SolarWinds’ Orion software has been discovered, affecting both private and public organisations globally. [1] The attack is believed to have started as early as Spring 2020 and is still ongoing, making this an imminent threat to any organisation using SolarWinds Orion. The attackers […]

ZeroLogon Windows Active Directory Privileged Escalation Exploit

Priority: Critical

Executive Summary: Researchers at Secura have recently created and published a proof-of-concept (PoC) exploit which can allow access to an organisation’s critical server, the Active Directory domain controller [1]. The researchers have named the PoC ‘Zerologon’. The vulnerability (CVE-2020-1472) carries a critical severity rating from Microsoft [2]. A successful exploit requires an attacker […]

Firebase Cloud Messaging Vulnerability Potentially Affecting Billions

Priority: Major

Executive Summary: Users worldwide with Microsoft Teams installed on their Android/iOS devices have reported that they have been receiving suspicious push notifications since the early hours of Thursday 27th August. This follows from the recent uncovering of a vulnerability reported for Firebase Cloud Messaging, in which the exploitation of FCM Server keys, stored […]

CRITICAL WINDOWS DNS VULNERABILITY CVE-2020-1350

Priority: Critical

Executive Summary: Microsoft’s Security Response Center (MSRC) announced on 14 July 2020 that they have released an update to patch CVE-2020-1350, which is a critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that has a CVSS score of 10, the maximum severity. [1][2][3] The vulnerability exists in the way […]

Critical F5 TMUI Vulnerability CVE-2020-5902

Priority: Critical

Executive Summary: Security vendor F5 have released details of a vulnerability in their Traffic Management User Interface (TMUI), also known as the Configuration Utility, that has a CVSS score of 10, the maximum severity possible. [1][2] The vulnerability (CVE-2020-5902), brought to F5’s attention by Mikhail Klyuchnikov of Positive Technologies, affects […]