In July 2021, Cybersecurity and Infrastructure Security Agency (CISA), together with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI), published an advisory notifying about the top 30 vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual … Continue reading “Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era”
Tag: CVE-2020-1472
Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors
In the start of Oct 2020, Cybersecurity and Infrastructure Security Agency (CISA) published an advisory notifying about vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual property, economic, political, as well as military information. According to CISA, in the light of heightened tensions between U.S. and China, these vulnerabilities were … Continue reading “Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors”
Microsoft Windows Netlogon Privilege Escalation Vulnerability (CVE-2020-1472)
A severe bug identified as CVE-2020-1472 with a criticality of 10 is being exploited publicly in the wild. This bug can take over Windows Servers running as Domain Controllers with domain-level privileges from a remote unauthenticated user. A Dutch team, collectively known as Secura, has published an exploit on Github with a technical writeup. According … Continue reading “Microsoft Windows Netlogon Privilege Escalation Vulnerability (CVE-2020-1472)”