VTA-00358 – CVE-2021-1732: Local Privilege Escalation Vulnerability in Windows Win32k
SuperPRO’s Recommendations:
1. Apply the latest applicable patch for Windows OS and Windows 2019 servers by referring to this link (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1732).
2. Keep Microsoft Defender up to date.
3. Configure the IOC information provided below in your current network, perimeter and endpoint threat defense mechanisms, e.g. Endpoint Advanced Threat Protection (ATP), Network Firewall, Web Application Firewall (WAF), Email and Web Content Filtering Policies, where applicable.
4. Download and install OTX Endpoint Security, subscribe to Provintell-Lab’s OTX pulses, and scan endpoints for the presence of IOCs.
The Story:
Microsoft has released a security advisory for a vulnerability in Microsoft Win32k, tracked as CVE-2021-1732. By exploiting this vulnerability, an attacker can take control of an infected system locally through privilege escalation. The vulnerability lets a non-admin user elevate to system-level access.
Severity:
High
Attack Surfaces:
Endpoint OS
Tactics:
Privilege Escalation
Techniques:
Exploitation for Privilege Escalation
Indicator of Compromise (IOC) Detection:
https://otx.alienvault.com/pulse/60231c157099f297e915730a
Contributed by: Mr22k