December 2020 – CYNET-CSIRT

Vulnerability Summary for the Week of December 21, 2020

Original release date: December 28, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off

December 28, 2020

Current Activity

CISA Releases Free Detection Tool for Azure/M365 Environment

Original release date: December 24, 2020CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool…

Comments Off

December 25, 2020

Current Activity

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

Original release date: December 23, 2020CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor…

Comments Off

December 23, 2020

Bulletins

Vulnerability Summary for the Week of December 14, 2020

Original release date: December 21, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adremsoft -- netcrunch AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL…

Comments Off

December 21, 2020

Current Activity

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Original release date: December 19, 2020CISA has updated AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, originally released December 17. This update states that…

Comments Off

December 19, 2020

Current Activity

NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms

Original release date: December 17, 2020The National Security Agency (NSA) has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by…

Comments Off

December 18, 2020

Alerts

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Original release date: December 17, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced…

Comments Off

December 17, 2020

Bulletins

Vulnerability Summary for the Week of December 7, 2020

Original release date: December 14, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info acdsee -- photo_studio_2021 PlugInsIDE_ACDStd.apl in ACDSee Photo Studio Studio Professional…

Comments Off

December 14, 2020

Current Activity

Active Exploitation of SolarWinds Software

Original release date: December 13, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, released between March 2020…

Comments Off

December 14, 2020

Current Activity

Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software

Original release date: December 11, 2020Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit…

Comments Off

December 11, 2020