fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

CISA Urges Orgs to Patch Actively Exploited Windows SeriousSAM Bug

CISA Urges Orgs to Patch Actively Exploited Windows SeriousSAM Bug

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.

CISA’s warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect their organizations’ networks.

Failing to do so turns the company into a target for threat actors, who could breach digital premises, compromise data or gain access to sensitive accounts.

Among the new security flaws CISA added to the catalog of actively exploited bugs, CVE-2021-36934 is the one that stands out. This is a Microsoft Windows SAM (Security Accounts Manager) vulnerability that allows anyone to access the Registry database files on Windows 10 and 11, extract password hashes and gain administrator privileges.

Microsoft fixed this flaw in July 2021, but seven months later there is still a significant number of systems that need to install the update. Also, there are workarounds for this vulnerability available here.

Also Read: Practitioner Certificate In Personal Data Protection: Everything You Need To Know

The 15 flaws highlighted this time are a mix of old and new, ranging from 2014 to 2021, as detailed in the table below.

CVE IDDescriptionPatch Deadline
CVE-2021-36934Microsoft Windows SAM Local Privilege Escalation Vulnerability2/24/2022
CVE-2020-0796Microsoft SMBv3 Remote Code Execution Vulnerability8/10/2022
CVE-2018-1000861Jenkins Stapler Web Framework Deserialization of Untrusted Data8/10/2022
CVE-2017-9791Apache Struts 1 Improper Input Validation Vulnerability8/10/2022
CVE-2017-8464Microsoft Windows Shell (.lnk) Remote Code Execution8/10/2022
CVE-2017-10271Oracle Corporation WebLogic Server Remote Code Execution8/10/2022
CVE-2017-0263Microsoft Win32k Privilege Escalation Vulnerability8/10/2022
CVE-2017-0262Microsoft Office Remote Code Execution Vulnerability8/10/2022
CVE-2017-0145Microsoft SMBv1 Remote Code Execution Vulnerability8/10/2022
CVE-2017-0144Microsoft SMBv1 Remote Code Execution Vulnerability8/10/2022
CVE-2016-3088 Apache ActiveMQ Improper Input Validation Vulnerability8/10/2022
CVE-2015-2051D-Link DIR-645 Router Remote Code Execution8/10/2022
CVE-2015-1635Microsoft HTTP.sys Remote Code Execution Vulnerability8/10/2022
CVE-2015-1130Apple OS X Authentication Bypass Vulnerability8/10/2022
CVE-2014-4404Apple OS X Heap-Based Buffer Overflow Vulnerability8/10/2022

Of the rest, CVE-2020-0796 is another critical security flaw on CISA’s list that admins should address. The bug received the maximum severity score. It consists in erroneous handling of maliciously crafted compressed data packets by SMBv3 and it can be exploited to achieve remote code execution.

The flaw can accommodate “wormable” attacks, which means that a threat actor could compromise large networks quicker and with less effort.

Back in March 2020, there were at least 48,000 systems vulnerable to CVE-2020-0796, but, as underlined by CISA’s latest report, the problem continues to persist on many systems.

CISA also added CVE-2015-2051, a remote code execution bug affecting D-Link DIR-645 routers that continues to deliver to attackers.

Also Read: The DNC Singapore: Looking At 2 Sides Better

The most recent reports of exploitation for the particular vulnerability date from November 2021, when the BotenaGo botnet targeted millions of IoT devices and routers via a set of 33 known exploits, including CVE-2015-2051.

CISA’s list of exploited vulnerabilities is a constant reminder for organizations to deal with outdated and no longer supported hardware that is present in sensitive parts of the network since adversaries do not care how old a vulnerability is as long as it gets them in.

With the addition of the 15 flaws above, CISA’s Known Exploited Vulnerabilities Catalog now lists 367 security vulnerabilities.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us