Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors

In the start of Oct 2020, Cybersecurity and Infrastructure Security Agency (CISA) published an advisory  notifying about vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual property, economic, political, as well as military information. According to CISA, in the light of heightened tensions  between U.S. and China, these vulnerabilities were … Continue reading “Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors”

Microsoft Remote Desktop Services (RDP) Remote Code Execution Vulnerability – CVE-2019-0708

Introduction: Microsoft has released fixes for a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) in this Patch Tuesday that impacts Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2. A critical remote code execution vulnerability exists in the Microsoft Windows systems running Remote Desktop Protocol (RDP). Upon successful exploitation an attacker can gain … Continue reading “Microsoft Remote Desktop Services (RDP) Remote Code Execution Vulnerability – CVE-2019-0708”