CERT/CC

@certcc

CERT Coordination Center at the Carnegie Mellon University Software Engineering Institute.

Pittsburgh, PA, USA
Joined March 2009
Born 1988

Tweets

  1. Jan 17

    VU#338824 Microsoft Internet Explorer is being actively exploited in the wild using a new unpatched vulnerability in the Scripting Engine. Disable access to JScript.dll as a workaround.

  2. Nov 3, 2019

    If you use "Disable all macros without notification" in Microsoft Office for Mac, you may be in for an unpleasant surprise. XLM macros in SYLK (.SLK) content will run without any prompting. This allows for arbitrary code execution without any clicks.

  3. Oct 23, 2019

    Any device that has a software stack associated with it may become unsafe when it has outlived its support life span. It's Time to Retire Your Unsupported Things

  4. Retweeted
    Oct 16, 2019
  5. Retweeted

    If you run vBulletin forum software I would urgently take it offline until there’s a patch. There’s a ‘zero day’ exploit actively being used in the wild for widespread exploitation.

  6. Sep 24, 2019

    It's important to note that these updates are NOT currently being deployed via Windows Update or Microsoft Update. Despite being actively exploited in the wild, manual actions must be taken to receive the fixes.

  7. Retweeted
    Sep 17, 2019

    We have recently completed a number of significant revisions to the CERT® Guide to Coordinated Vulnerability Disclosure. Here's a post describing some of the changes we've made.

  8. Sep 6, 2019

    Exim has released fixes for CVE-2019-15846, an issue where a local or remote attacker can execute programs with root privileges. This affects versions up to and including 4.92.1. The patches were released today in version 4.92.2 and can be found at

  9. Retweeted
    Sep 4, 2019

    I've written a blog post to elaborate on the concept of VHD and VHDX files being dangerous:

  10. Retweeted
    May 21, 2019
    Replying to

    I can confirm that this works as-is on a fully patched (May 2019) Windows 10 x86 system. A file that is formerly under full control by only SYSTEM and TrustedInstaller is now under full control by a limited Windows user. Works quickly, and 100% of the time in my testing.

  11. Retweeted

    🚨 Very important security update for Windows 🚨 CVE-2018-0708 allows remote, unauthenticated code execution in RDP (Remote Desktop). A very bad thing you should patch against. Around 3 million RDP endpoints are directly exposed to internet.

  12. Apr 4, 2019

    A user with the ability to run code (php, cgi, etc.) in the context of Apache can escalate privileges to root. CVE-2019-0211 Apply updates to get the fix.

  13. Jan 31, 2019

    And just to be clear, this new Exchange vulnerability is CVE-2019-0686. If you have read any guidance that this new exchange vulnerability is CVE-2018-8581, or have taken actions assuming that the mitigations for CVE-2018-8581 will protect you, you may get an unpleasant surprise.

  14. Jan 28, 2019

    We've published a vulnerability note on the Exchange-mailbox-to-Domain-Admin privilege escalation vulnerability:

  15. Jan 27, 2019

    An attacker with just the credentials of a single lowly Exchange mailbox user can gain Domain Admin privileges by using a simple tool. has confirmed on a default Exchange 2013 installation. It's very important to apply mitigations outlined here:

  16. Dec 19, 2018

    Microsoft has released an out-of-band update for a JScript scripting engine vulnerability that is being exploited in the wild:

  17. Nov 1, 2018

    At least until this issue is addressed, disable SIP Inspection in affected devices.

  18. Aug 30, 2018

    We have updated with detection rules using Microsoft Sysmon, courtesy of . We also have provided experimental exploit mitigations, courtesy of .

  19. Aug 29, 2018

    Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface Affects all supported versions of Windows, and there is no fix available. Detection options using Sysmon are available here

  20. Retweeted
    Aug 29, 2018

    Thoughts on what it means now that EMET is past its EOL date: TL;DR: - Windows 10 *finally* has EMET-like functionality and can now SAFELY import EMET profiles - "On by default" is NOT "Use default (on)" in WDEG - Keep using EMET if you're not on Win10
