Major Vulnerability in Windows DNS Servers: Responding to CVE-2020-1350 (SIGRed)
As part of Microsoft’s traditional Patch Tuesday in July, CVE-2020-1350 (codenamed “SIGRed”) was fixed and disclosed publicly. This vulnerability is very serious, with a CVSS score of 10, and allows remote unauthenticated ...
Patching SIGRed: Windows CVE-2020-1350
In the July 2020 Patch Tuesday release, Microsoft has patched 13 critical and 83 important vulnerabilities, but one CVE in particular is getting the lion’s share of the attention. CVE-2020-1350, nicknamed “SIGRed,” ...
HVI Blocks SIGRed, Prevents Zero-Day Execution from Suspicious Memory Regions
Windows DNS server remote code execution vulnerability permits full takeover of infected systems. Wormable exploits can spread via malware between vulnerable computers without user interaction. SIGRed vulnerability impacts nearly all versions of ...
Detecting CVE-2021-31166 – HTTP vulnerability
By Ben Reardon, Corelight Security Researcher. In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced ...
How DNS Attack Dynamics Evolved During the Pandemic
The Domain Name System (DNS) is the “Internet’s address book;” the essential, trusted, rarely scrutinized protocol that keeps the internet running by mapping readable domain names to IP addresses. More than 2.2 ...
Using Cyber Threat Intelligence Effectively: The Importance of Device Visibility and Network Monitoring
Several years have passed since the WannaCry ransomware attack crippled 150 countries. Over a few short months, the perpetrators of this global cyberattack wreaked havoc across healthcare and manufacturing industries, costing companies ...
What Is Malware? 10 Types of Malware & How They Work
Malicious code is the thing that nightmares are made of for web users and cybersecurity experts alike — here’s everything to know about malicious code and how hackers use it... The post ...
Together is faster: Zeek for vulnerabilities
“There is an open approach that is currently rippling across the infosec industry that could give defenders the acceleration they need.” – John Lambert (Distinguished Engineer, Microsoft) By Greg Bell, CEO of ...
Cyber Security Roundup for August 2020
A roundup of UK-focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, July 2020. The standout hack of July 2020, and possibly of ...
Making Infosec Jobs Easier: Threat Hunting
This is post 6 in our series on making infosec jobs easier and covers threat hunting. You can read the previous 5 posts at one of the links below. Improve overall security ...