Read or download all Datashield news, reviews, content, and more.
Microsoft announced a critical vulnerability as part of their Patch Tuesday on 10/12/2020. CVE-2020-16898, dubbed "Bad Neighbor", is a remote code execution (RCE) that occurs when the Windows TCP/IP stack incorrectly handles ICMPv6 Router Advertisement packets with an even length field.
Microsoft released a security bulletin today detailing a RCE in all known Windows DNS Servers, with a base CVSS score of 10.0.
Datashield is aware of a recent vulnerability [CVE-2020-5902] and it has been published for the following F5 products: BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM)
This post is an informational announcement detailing the Citrix NetScaler Vulnerability and what Datashield is doing to help our customers detect and mitigate the issue. Since the announcement of the vulnerability in Citrix devices (CVE-2019-19781) Datashield has performed extensive analysis and research on exploit attempts, attack patterns, and the latest intelligence. Citrix released security bulletin CTX267027 containing information on a vulnerability in various Citrix Products. This allows an unauthenticated attack that allows remote code execution.
Two more security issues announced surrounding Remote Code Execution against Remote Desktop Services. Microsoft released a notice today concerning two vulnerabilities, which would result in a Remote Code Execution vulnerability against the Remote Desktop Services. These are being tracked under CVE-2019-1181 and CVE-2019-1182. This is akin the previous vulnerability that we notified you on, CVE-2019-0708, aka Bluekeep.
Datashield, a Lumifi company, has been a leading managed cybersecurity services provider for over a decade. Our consultative process and approach to managed detection and response help our clients establish a truly resilient cybersecurity strategy.
Providing Managed Detection and Response (MDR), Outsourced SOC, SOC as a Service, Threat Hunting, Threat Validation, Threat Remediation, Endpoint Detection and Response (EDR), Email Protection, Device Configuration & Tuning, Vulnerability Management, Perimeter Defense and more.