fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft Warns Of Incoming Windows Zerologon Patch Enforcement

Microsoft Warns Of Incoming Windows Zerologon Patch Enforcement

Microsoft today warned admins that updates addressing the Windows Zerologon vulnerability will transition into the enforcement phase starting next month.

Zerologon is a critical 10/10 rated security flaw tracked as CVE-2020-1472 which, when successfully exploited, enables attackers to elevate privileges to domain administrator and take control over the domain.

“We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default,” MSRC VP of Engineering Aanchal Gupta said.

“DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device.”

Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service

Patch deployment details

The patch released as part of the August 2020 Patch Tuesday updates enables secure Remote Procedure Call (RPC) communication for machine accounts on Windows devices, trust accounts, as well as all Windows and non-Windows Domain Controllers.

It also logs any non-compliant devices in the environment so that system administrators address their issues or replace them before the enforcement phase.

With the February 2021 updates, Microsoft will automatically start enforcing secure RPC communications for all devices on the network and will no longer log non-compliant machines.

Microsoft has also clarified the steps needed to take to protect their devices against Zerologon attacks after customers found the original guidance confusing.

The update plan outlined by Microsoft involves going through the following procedure:

  1. UPDATE your Domain Controllers with an update released August 11, 2020 or later.
  2. FIND which devices are making vulnerable connections by monitoring event logs.
  3. ADDRESS non-compliant devices making vulnerable connections.
  4. ENABLE enforcement mode to address CVE-2020-1472 in your environment.

Zerologon under attack

Soon after the news about a Zerologon fix was published in August 2020, researchers published proof-of-concept ZeroLogon exploits allowing attackers to easily gain administrative access to a domain controller.

With public exploits released, Microsoft warned that threat actors quickly adopted them and started exploiting ZeroLogon in attacks.

One month later, Microsoft also added support for Zerologon exploitation detection to Microsoft Defender for Identity making it possible for security teams to detect on-premises attacks trying to abuse this critical vulnerability.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

“Organizations that deploy Microsoft Defender for Identity (previously Azure Advanced Threat Protection) or Microsoft 365 Defender (previously Microsoft Threat Protection) are able to detect adversaries as they try to exploit this specific vulnerability against their domain controllers,” Gupta said.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us