Security Log 003
> CVE-2020-1472 “Zerologon”: An attacker can become domain admin
Severe privilige elevation vulnerability in the Netlogon remote protocol. An attacker who exploited this vulnerability could execute a specially crafted application on a device on network. Patch available since August 11, 2020.
> Ransomware attack on hospital may just had killed a patient
On a rise of a second coronavirus wave in Europe, a hospital in Germany may just experience a death of a patient caused by a cyberattack. Investigation is still ongoing, but if the police will confirm it is the case, it will be the first death ever caused by cyberattack on a medical devices, thus confirming one of the most feared cybersecurity expert’s scenarios. The attack was not aimed at the hospital, but rather at a university.
> OpenPGP support in Thunderbird 78.2.1
After almost 21 years Thunderbirds get support for OpenPGP in its core. For past long years the support had to be handled by plug-ins, probbably because of the US export restriction on cryptography.
> CVE-2020-14365: Ansible Engine ignores GPG signatures when using dnf
When installing system packages using dnf utility, Ansible Engine ignored GPG signature check which could cause an installation of malicious packages and arbitrary code execution. Fix has been released on September 1, 2020 for supported version of Ansible Engine and Ansible Tower.
> CVE-2020-15926: XSS leading to remote code execution in Rocket.chat Rocket.chat versions 3.4.0, 3.4.1 and 3.4.2 suffer from XSS vulnerability that can lead to remote code execution. Video demonstration available.