SigRed Remote Code Execution Vulnerability (CVE-2020-1350)

A critical vulnerability, tracked as (CVE-2020-1350), affecting Windows Server versions 2003 to 2019 has been patched after being existed in the system’s code for almost 17 years. Also known as SigRed, the 17-year-old ‘wormable’ remote code execution (RCE) vulnerability could propagate itself across vulnerable machines in a network without the need of any user interaction. continue reading : SigRed Remote Code Execution Vulnerability (CVE-2020-1350)

F5 BIG-IP Vulnerability

Following the released Security Advisory and Proof-of-Concept for the critical remote code execution (RCE) vulnerability found on F5’s BIG-IP products. Threat Actors are observed to have been leveraging unpatched and vulnerable devices to gain full control of an affected system. Tracked as CVE-2020-5902, the flaw can allow a remote attacker to access the Traffic Management continue reading : F5 BIG-IP Vulnerability

Netgear Router Vulnerability

Due to the impact of the ongoing COVID-19 crisis today, many companies and organizations in the Philippines are already considering telecommuting or most commonly known as work-from-home as an alternate option to continue their day to day business operations. This makes work-from-home employees more vulnerable to attacks, as home routers were typically installed with its continue reading : Netgear Router Vulnerability

Security Measures for the Academe

CERT-PH has been monitoring and receiving reports on cyber-attacks targeting the academe sector over the past weeks. These security incidents, mainly involving data breaches and web defacements, affected information systems of schools/universities across the country. With the rise on the number of users using online systems for remote working and learning because of the pandemic, continue reading : Security Measures for the Academe

SMBleed – Microsoft SMB Protocol Vulnerability

A new critical vulnerability (CVE-2020-1206) affecting Microsoft Windows operation system’s Server Message Block (SMB) protocol was recently publicly disclosed. The vulnerability dubbed SMBleed, resides in SMB version 3.1.1’s decompression function, Srv2DecompressData. An unauthenticated attacker can exploit the vulnerability by sending a specially crafted message request to a targeted SMB server, and successful exploitation could allow continue reading : SMBleed – Microsoft SMB Protocol Vulnerability