Sentinel Query: Detect ZeroLogon (CVE-2020-1472)

In August 2020 Microsoft patched the ZeroLogon vulnerability CVE-2020-1472. In summary, this vulnerability would allow an attacker with a foothold in your network to become a domain admin in a few clicks. The attacker only needs to establish a network connection towards the domain controller. At NVISO we are supporting multiple clients with our MDR … Continue reading Sentinel Query: Detect ZeroLogon (CVE-2020-1472)

Smart Home Devices: assets or liabilities? – Part 1: Security

This blog post is part of a series, keep an eye out for the following parts! TL;DR - Smart home devices are everywhere, so I tested the base security measures implemented on fifteen devices on the European market. In this blog post, I share my experience throughout these assessments and my conclusions on the overall … Continue reading Smart Home Devices: assets or liabilities? – Part 1: Security

Epic Manchego – atypical maldoc delivery brings flurry of infostealers

In July 2020, NVISO detected a set of malicious Excel documents, also known as “maldocs”, that deliver malware through VBA-activated spreadsheets. While the malicious VBA code and the dropped payloads were something we had seen before, it was the specific way in which the Excel documents themselves were created that caught our attention. The creators … Continue reading Epic Manchego – atypical maldoc delivery brings flurry of infostealers