Page 17 - Threat Intelligence 12-20-2019
P. 17
Threat Alerts
And Advisories
Microsoft Releases Out-of-Band Security Updates
Microsoft has released out-of-band security updates to address a vulnerability in
SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive
information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users
and administrators to review Microsoft Security Advisory for CVE-2019-1491 and apply the
necessary updates.
Microsoft Releases Out-of-Band Security Updates
Microsoft has released out-of-band security updates to address a vulnerability in
SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive
information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users
and administrators to review Microsoft Security Advisory for CVE-2019-1491 and apply the
necessary updates.
WordPress Releases Security and Maintenance Updates
WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could
exploit some of these vulnerabilities to take control of an affected website. The
Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
administrators to review the WordPress Security and Maintenance Release and upgrade to
WordPress 5.3.1.
Vulnerabilities and Indicators of Compromise
➢ Weekly Vulnerability Summary from US-CERT
➢ Talos weekly alerts
➢ Poison Frog Malware Samples Reveal OilRig’s Sloppiness
➢ DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet
“Security is always excessive until it’s not enough.”
– Robbie Sinclair
Head of Security, Country Energy, NSW Australia
www.accumepartners.com
17
