DDOS ATTACK EXTORTION CAMPAIGN IMPERSONATES FANCY BEAR AND ARMADA COLLECTIVE

Cybercriminals claiming to be Fancy Bear and Armada Collective have been observed threatening organizations in different sectors with distributed denial of service (DDoS) attacks. They are trying to extort money from these organizations by demanding a ransom payment to prevent the alleged DDoS attacks. The threat actors sent extortion emails to …

MICROSOFT’S TWO ZERO-DAY VULNERABILITIES (CVE-2020-1464 and CVE-2020-1380)

Microsoft has patched over one hundred twenty (120) vulnerabilities across thirteen (13) of its products as part of its monthly security and non-security update. Two of the addressed flaws have reportedly been exploited in the wild as zero-days, likely as part of a targeted attack. A spoofing vulnerability tracked as CVE-2020-1464 affecting the Windows operating system …

SigRed Remote Code Execution Vulnerability (CVE-2020-1350)

A critical vulnerability tracked as CVE-2020-1350 affecting Windows Server versions 2003 to 2019 has been patched after being in the system’s code for almost 17 years. Also known as SigRed, the 17-year-old ‘wormable’ remote code execution (RCE) vulnerability could propagate itself across vulnerable machines in a network without user interaction, allowing …

F5 BIG-IP Vulnerability

Following the release of the security advisory and proof-of-concept for the critical remote code execution (RCE) vulnerability found in F5’s BIG-IP products, threat actors have been observed leveraging unpatched and vulnerable devices to gain full control of an affected system. Tracked as CVE-2020-5902, the flaw can allow a remote attacker to access the Traffic Management …

Security Measures for the Academe

CERT-PH has been monitoring and receiving reports on cyber-attacks targeting the academe sector over the past weeks. These security incidents, mainly involving data breaches and web defacements, affected information systems of schools/universities across the country. With the rise in the number of users using online systems for remote working and learning because of the pandemic, …

SMBleed – Microsoft SMB Protocol Vulnerability

A new critical vulnerability (CVE-2020-1206) affecting the Microsoft Windows operating system’s Server Message Block (SMB) protocol was recently publicly disclosed. The vulnerability, dubbed SMBleed, resides in SMB version 3.1.1’s decompression function, Srv2DecompressData. An unauthenticated attacker can exploit the vulnerability by sending a specially crafted message request to a targeted SMB server, and successful exploitation could allow …

Beware of Digital Credit Card Theft

Online shopping is already a widespread method of purchasing goods and services in the Philippines. With the implementation of the enhanced community quarantine because of the COVID-19 pandemic, most people prefer to shop for essential goods from the safety and comfort of their homes. The CERT-PH of the Cybersecurity Bureau is warning online shoppers who use …

Windows Adobe Type Manager Library Zero-Day Vulnerabilities

Microsoft warned about limited targeted attacks exploiting two zero-day vulnerabilities found in the Windows Adobe Type Manager Library. The two vulnerabilities are said to be remote code execution (RCE) vulnerabilities that exist in the way that Windows’ Adobe Type Manager Library handles certain fonts. The bug can be exploited by tricking the victim into opening …