Malware-based attacks on ATMs – A summary

Introduction Today we will take a first look at malware-based attacks on ATMs in general, while future articles will go into more detail on the individual subtopics. ATMs have been robbed by criminal gangs around the world for decades. A successful approach since ~ 20 years is the use of highly flammable gas, which is … Continue reading Malware-based attacks on ATMs – A summary

Vulnerability Management in a nutshell

Introduction Vulnerability Management plays an important role in an organization's line of defense. However, setting up a Vulnerability Management process can be very time consuming. This blogpost will briefly cover the core principles of Vulnerability Management and how it can help protect your organization against threats and adversaries looking to abuse weaknesses. What is Vulnerability … Continue reading Vulnerability Management in a nutshell

Sentinel Query: Detect ZeroLogon (CVE-2020-1472)

In August 2020 Microsoft patched the ZeroLogon vulnerability CVE-2020-1472. In summary, this vulnerability would allow an attacker with a foothold in your network to become a domain admin in a few clicks. The attacker only needs to establish a network connection towards the domain controller. At NVISO we are supporting multiple clients with our MDR … Continue reading Sentinel Query: Detect ZeroLogon (CVE-2020-1472)

OpenSSH User Enumeration Vulnerability: a Close Look

Intro An OpenSSH user enumeration vulnerability (CVE-2018-15473) became public via a GitHub commit. This vulnerability does not produce a list of valid usernames, but it does allow guessing of usernames. In this blog post, we take a closer look at this vulnerability and propose mitigation and monitoring actions. Technical details This vulnerability manifests itself in … Continue reading OpenSSH User Enumeration Vulnerability: a Close Look