CVE-2020-5902 – WindowsTechs.com

Election Systems Under Attack via Microsoft Zerologon Exploits

Posted on October 13, 2020 by Lindsey O'Donnell

Cybercriminals are chaining Microsoft’s Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns. Continue reading Election Systems Under Attack via Microsoft Zerologon Exploits→

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

Posted on September 14, 2020 by Lindsey O'Donnell

Monday’s CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers. Continue reading Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs→

Zeek in it’s sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

Posted on July 28, 2020 by Ben Reardon

By Ben Reardon, Corelight Security Researcher Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor attempts and/or succeeds in compr… Continue reading Zeek in it’s sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)→

Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover

Posted on July 17, 2020 by Tara Seals

Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critical bug that’s under active exploit. Continue reading Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover→