Summary On August 11th, 2020 Microsoft publicly disclosed the existence of a critical severity Elevation of Priviledge (EOP) vulnerability that impacts all recent versions of Windows Server
Author: Francisco Donoso
Francisco Donoso leads the Managed Security Services Architecture team here at Kudelski Security.
Security Advisory: Microsoft Windows DNS Server Remote Code Execution Vulnerability
Summary On July 14th, 2020 Microsoft publicly disclosed the existence of a critical severity vulnerability in all recent versions of the Microsoft Windows Server operating
Security Advisory: F5 BIG-IP Critical Severity RCE Vulnerability CVE-2020-5902
Updated on July 7th, 2020: The Cyber Fusion Center has learned that the original mitigation guidance provided by F5 was incomplete and has been bypassed.
Critical Vulnerabilities Cisco Smart Install Actively Exploited to Cause Mass Network Outages (CVE-2018-0171 & CVE-2018-0156)
Summary The Cyber Fusion Center has learned of malicious, seemly automated, exploitation of recent Cisco IOS and Cisco IOS XE critical vulnerabilities (CVE-2018-0171 & CVE-2018-0156)
CVE-2018-010 – Cisco Updates Advisory Regarding Critical Remote Code Execution and Denial of Service Vulnerabilities in ASA and FTD software
Summary On February 5th, 2018 Cisco updated an existing vulnerability advisory for CVE-2018-010 due to newly discovered attack vectors and because the original software fix
Meltdown & Spectre Attacks on CPU Flaws
Summary On January 3rd 2018, several hardware flaws affecting modern processors were publicly disclosed by security researchers. These flaws are exploitable by attacks nicknamed “Meltdown”
