Read all of our news, articles, reviews, and more in our company blog
On January 26th, 2020, Mimecast released an updated statement about the compromise first published on January 12th, 2020.
On December 13th, 2020, SolarWinds released a statement along with FireEye about a current and ongoing supply chain compromise surrounding the SolarWinds Orion products. This impacts SolarWinds Orion software versions 2019.4 through 2020.2.1, released between March 2020 and June 2020. SolarWinds has pushed out a hotfix that will resolve the affected product.
Recently, the FBI, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency (CISA) released an alert warning that the healthcare industry was being targeted by hackers.
Microsoft announced a critical vulnerability as part of its Patch Tuesday on 10/12/2020. CVE-2020-16898, dubbed "Bad Neighbor", is a remote code execution (RCE) vulnerability that occurs when the Windows TCP/IP stack incorrectly handles ICMPv6 Router Advertisement packets with an even length field.
Datashield recommends patching any Microsoft Windows domain controllers due to the recently released vulnerability, CVE-2020-1472, and the subsequent release of publicly available proofs of concept (PoCs). An unauthenticated attacker with access to the network and a route to a domain controller can compromise it and obtain domain admin privileges in the network. There is no current mitigation besides patching the affected domain controllers.
Microsoft released a security bulletin today detailing an RCE in all known Windows DNS Servers, with a base CVSS score of 10.0.
Datashield is aware of a recently published vulnerability, CVE-2020-5902, affecting the following F5 products: BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM)
This post is an informational announcement detailing the Citrix NetScaler vulnerability and what Datashield is doing to help our customers detect and mitigate the issue. Since the announcement of the vulnerability in Citrix devices (CVE-2019-19781), Datashield has performed extensive analysis and research on exploit attempts, attack patterns, and the latest intelligence. Citrix released security bulletin CTX267027 containing information on a vulnerability in various Citrix products. The vulnerability allows an unauthenticated attack that results in remote code execution.