Security News
The U.S. government has stepped in to offer a mitigation for a critical remote code execution vulnerability in the Windows Print Spooler service that may not have been fully patched by Microsoft's initial effort to fix it. In the meantime, Microsoft Thursday put out a new advisory of its own on PrintNightmare that assigns a new CVE and seems to suggest a new attack vector while attempting to clarify confusion that has arisen over it.
Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.
Major financial institutions, airlines and the Hong Kong stock exchange were knocked offline by a backfiring distributed denial-of-service mitigation service Thursday. The hour-long outage, which was triggered at approximately 1 a.m. EST Thursday, is tied to Akamai Technology's anti-DDoS Prolexic service.
Kinetic Business introduced DDoS Mitigation Service, a fully managed service that monitors, detects, validates and mitigates attacks-even on third-party networks -before an outage or related damage occurs. Kinetic's DDoS Mitigation Service uses a network of highly scalable scrubbing centers that ingest and inspect attack traffic upstream from the customer's network.
DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. While there are no signs of DDoS attacks going away anytime soon, how do organizations ensure that their Internet assets are protected against threats of any size or kind?
His focus on information security began when he served in the U.S. Army, where he spent years identifying vulnerabilities and working on mitigation strategies to protect the network. From there, he served with NATO, where he played a very active role in cultivating a proactive security culture.
Recent Linux kernel updates include patches for a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Symantec reported on Monday that Piotr Krysiuk, a member of its Threat Hunter team, has identified two new vulnerabilities in the Linux kernel that can be exploited to bypass mitigations for the Spectre vulnerabilities.
Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. While CVE-2020-27170 can be abused to reveal content from any location within the kernel memory, CVE-2020-27171 can be used to retrieve data from a 4GB range of kernel memory.
Microsoft Defender Antivirus will now protect unpatched on-premises Exchange servers from ongoing attacks by automatically mitigating the actively exploited CVE-2021-26855 vulnerability. The Microsoft Defender automatic protection from active attacks targeting unpatched Exchange servers works by breaking the attack chain.
Microsoft has released Exchange On-Premises Mitigation Tool, which quickly performs the initial steps for mitigating the ProxyLogon flaw on any Exchange server and attempts to remediate found compromises. "This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching," Microsoft explained.