A ransomware attack on Blackbaud, a hosted platform used by a number of educational institutions, has put the spotlight on incident response. According to a statement on Blackbaud’s website, “In May of 2020, we discovered and stopped a ransomware attack. Prior to our locking the cyber-criminal out, the cyber-criminal removed a copy of a subset of data from our self-hosted environment."
Citrix informed customers this week that it has patched a classified high vulnerability in the automatic update service of its Workspace app for Windows that can allow a local user with escalated privileges or an attacker to remotely hack the computer running the affected application. CVE-2020-8207 impacts Citrix Workspace app for Windows 1912 LTSR and 2002, and it has been patched with the release of versions 1912 LTSR CU1 and 2006.1.
Secon Cyber, a leading cyber security services and solutions company, today announced the launch of ConnectProtect® Managed Detection and Response, a new security service that enables organisations to outsource the monitoring of their digital estate for cyber threats.
Cisco released security advisories to inform customers of several critical vulnerabilities that can be exploited remotely to hack small business routers and firewalls that are no longer being sold. Though no longer being sold by Cisco, apparently they have yet to reach end of support so the company has still patched them.
On July 14, 2020, Microsoft released a security update for the issue described in CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability. This advisory describes a Critical Remote Code Execution (RCE) vulnerability that affects Windows servers that are configured to run the DNS Server role. We strongly recommend that server administrators apply the security update at their earliest convenience
An unpatched and previously unknown security vulnerability has been discovered by a researcher who reached out to the 0patch team disclosing the vulnerability rather than reporting it directly to Zoom. The vulnerability affecting computers running Windows 7 and older OS versions, enables a remote attacker to execute arbitrary code on a victim's machine where any supported version of Zoom Client for Windows is installed.