New guidance from CISA reinforces the need to apply the Microsoft patches from August 2020 that address CVE-2020-1472.  This patch addresses a vulnerability in the Windows Netlogon Remote Protocol, which could allow an attacker to compromise all Active Directory identity services. More information can be found at the CISA advisory here – https://us-cert.cisa.gov/ncas/current-activity/2020/09/18/cisa-releases-emergency-directive-microsoft-windows-netlogon

A strain of malware known as QSnatch is actively targeting QNAP NAS devices running older unpatched versions of the firmware.  All customers running affected versions should update.  More information can be found at the US-CERT website – https://us-cert.cisa.gov/ncas/alerts/aa20-209a

Cisco has released security updates to address issues in their ASA and Firepower software.  These vulnerabilities could be attacked to gain access to sensitive information.  All customers running affected versions should update.  More information can be found at Cisco’s website – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86

Microsoft has release a critical patch for Windows DNS servers.  This vulnerability is considered “wormable” in that it affects all versions of Windows DNS servers and can spread between DNS servers without user interaction.  Microsoft is recommending users patch this vulnerability immediately or implement a registry-based workaround.  More details can be found on their blog.  Continue Reading