Cisco Small Business VPN Router Vulnerabilities

Cisco addressed multiple pre-auth remote code execution (RCE) flaws in its small business VPN routers, the most severe of which could allow arbitrary code execution as the root user of an affected device. Tracked as CVE-2021-1289, CVE-2021-1290, CVE-2021-1291, CVE-2021-1292, CVE-2021-1293, CVE-2021-1294, and CVE-2021-1295, the vulnerabilities exist due to improper validation of HTTP requests to the

Cisco SD-WAN and Smart Software Manager Software Vulnerabilities

Security updates have been released by Cisco addressing several critical remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software.

A. List of Vulnerabilities

Smart Software Manager Satellite Web UI Command Injection Vulnerabilities – Allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.

Reolink’s P2P and NVR Vulnerabilities (CVE-2020-25169 and CVE-2020-25173)

Reolink’s cameras and NVRs (Network Video Recorders), typically used by homeowners and small businesses, critical infrastructure and industrial operators, have been found to have vulnerabilities in their Peer-to-Peer (P2P) feature, which raised potential security risks and implications for organizations. Two vulnerabilities were identified and tracked as CVE-2020-25169 and CVE-2020-25173. CVE-2020-25169, a cleartext of sensitive information

Windows Defender Vulnerability (CVE-2021-1647)

A critical vulnerability in Microsoft’s default anti-malware software, Windows Defender, has been patched, together with 83 additional security vulnerabilities, with the release of the first Monthly Security Update of 2021. Tracked as CVE-2021-1647, the remote code execution (RCE) flaw was found in the Malware Protection Engine component (mpengine.dll). The flaw has been exploited for the

Zyxel’s Firewalls and AP Controllers Vulnerability (CVE-2020-29583)

Threat actors have been detected targeting Zyxel’s firewall and WLAN controller products that contain an undocumented account with an unchangeable password, which can be found in cleartext in the product’s firmware. Tracked as CVE-2020-29583, a hardcoded credential vulnerability that exists in Zyxel firewalls and AP controllers with an unchangeable static plain-text password and

NATIONAL CYBER DRILL 2020 PRESS RELEASE

TLP: White
VENUE: Online (Email, Instant Messaging and Digital Distribution Platform, and Video Conferencing Platform)
DATE: 26 November 2020
OBJECTIVES: Participants are expected:
– To develop a proactive mindset and approach on cybersecurity
– To be able to familiarize, detect, and respond to cyber threats promptly and effectively
– To practice effective and adaptive incident handling and

Software Supply Chain Attack against SolarWinds Affected Organizations Globally

The National Computer Emergency Response Team (CERT-PH) monitored a large-scale cyber-attack against government and non-government organizations involving the SolarWinds Orion network management tool, which is currently being exploited by threat actors worldwide. These highly skilled nation-state threat actors are weaponizing SolarWinds Orion’s legitimate software update in order to distribute malware called SUNBURST and

National Cyberdrill 2020

The DICT Cybersecurity Bureau, through the National Computer Emergency Response Team (CERT-PH), is inviting Government Agencies and Organizations from the Critical Information Infrastructure to register and participate in the Philippine National Cyber Drill 2020 on November 25-26, 2020, with the theme: “Strengthening Cybersecurity and Adopting to the New Normal through Incident Response and Collaboration”. The National

Microsoft’s SharePoint Vulnerability (CVE-2020-16952)

As part of its October monthly software updates and security fixes, Microsoft has patched a critical-severity flaw found in Microsoft SharePoint Server that could enable remote attackers to achieve arbitrary code execution in the context of the local administrator on affected installations of SharePoint Server. Tracked as CVE-2020-16952, a remote code execution vulnerability that exists in