What is the SIGRed Vulnerability (CVE-2020-1350)? SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the Windows DNS Server, that can be triggered by an attacker with malicious DNS response. It received a CVSS base score of 10, and according to the Check Point researchers who found this 17-year-old flaw, the likelihood of exploitation is high.
As the vulnerability remediation experts we’ve made a practice of publishing remedies, fixes, and solutions for the more high-profile vulnerabilities we’ve come across over the years. This blog post will answer, “What is Google Chrome CVE-2020-15999?” but more importantly I’m excited to announce the availability of Vulcan Remedy Cloud as a free and curated database… Continue reading What is the Google Chrome CVE-2020-15999 vulnerability?
TL;DR The BootHole vulnerability is not critical (yet), but it could potentially effect billions of devices worldwide. Exploiting it requires high privileges or physical access. Now while there are no full patches available at this time, we’ve written this blog, and published this episode of The Vulnerability Report, to help you detect vulnerable devices, mitigate the… Continue reading What is the BootHole Vulnerability (CVE-2020-10713)?
Update June 2022: The Vulcan Cyber research team, aka “Voyager18” has worked on mapping CVEs to relevant tactics and techniques from the MITRE ATT&CK matrix. Visit the dedicated site here. While vulnerability management isn’t natively mapped to the MITRE ATT&CK framework by default, using cyber knowledge, data science, machine learning and artificial intelligence, CVEs can be efficiently integrated with ATT&CK in a way that delivers distinct advantages… Continue reading Remediating the MITRE framework and att&ck with VM
SMBleed (CVE-2020-1206), its relation to SMBGhost and how to fix them The SMBleed vulnerability (CVE-2020-1206) allows an attacker to read uninitialized kernel memory. It happens in the same function as SMBGhost (CVE-2020-0796), a bug in the compression mechanism of SMBv3.1.1, as explained in a previous blog.
Over the past couple of weeks, we’ve seen some high profile security threats that require your immediate attention. In this digest we’ve rounded them all up. Now in order to help you address these threats, I’ve added actionable steps for you to follow in order to mitigate these risks.
With all the buzz around the latest campaigns and exploits, it might seem hard to know what really demands your attention. That’s why we’ve decided to round up the top security threats from the past couple of weeks that really require your attention.
The Coronavirus pandemic has drastically changed our reality in a blink of an eye. With WFH and social distancing becoming the new norm. While these measures are key to reducing the risk of contracting COVID-19, from a security standpoint working from home introduces other risks.
The past couple of weeks have presented many challenges from a security standpoint. There’s a lot of noise around threat actors, phishing campaigns etc., and it might seem hard to differentiate between what’s actually requires attention and what doesn’t.
Microsoft have accidentally revealed information regarding a security update for a wormable vulnerability SMBGhost (CVE-2020-0796) in the Microsoft Server Message Block protocol.