InForce Cyber

Threat Report October 2020

CVE-2020-16898 – Windows TCP/IP Remote Code Execution Vulnerability

This patch corrects a problem in the TCP/IP stack caused by the way it handles ICMPv6 router advertisements. A specially crafted ICMPv6 router advertisement could cause code execution on an affected system.

CVE-2020-16947 – Microsoft Outlook Remote Code Execution Vulnerability

This vulnerability was reported through the ZDI program, and it could allow code execution on affected versions of Outlook just by viewing a specially crafted e-mail. The Preview Pane is an attack vector here, so you don’t even need to open the mail to be impacted. The specific flaw exists within the parsing of HTML content in an email. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer.

October Microsoft Patches

Alibaba-owned Lazada suffers data hack of 1.1 million accounts

SINGAPORE (Reuters) – Singapore e-commerce firm Lazada said on Friday that personal information including addresses and partial credit card numbers from 1.1 million accounts had been hacked, a major breach in the city-state of 5.7 million.

The Alibaba-owned firm said in an email that the information was taken from a database of its grocery arm RedMart that was more than 18 months out of date.

Exclusive: Russian hackers targeted California, Indiana Democratic parties

WASHINGTON (Reuters) – The group of Russian hackers accused of meddling in the 2016 U.S. presidential election earlier this year targeted the email accounts of Democratic state parties in California and Indiana, and influential think tanks in Washington and New York, according to people with knowledge of the matter.

The attempted intrusions, many of which were internally flagged by Microsoft Corp over the summer, were carried out by a group often nicknamed “Fancy Bear.” The hackers’ activity provides insight into how Russian intelligence is targeting the United States in the run-up to the Nov. 3 election.

Fancy Bear is controlled by Russia’s military intelligence agency and was responsible for hacking the email accounts of Hillary Clinton’s staff in the run-up to the 2016 election, according to a Department of Justice indictment filed in 2018.

Law Firm Seyfarth Shaw Hit by Damaging Ransomware Attack

International law firm Seyfarth Shaw LLP has shut down many of its systems after being hit with a ransomware attack.

Founded in 1945 in Chicago, Illinois, Seyfarth has over 900 lawyers across 17 offices, providing clients all around the world with advisory, litigation, and transactional legal services. The Am Law 100 firm serves more than 300 of the Fortune 500 companies.

Over the weekend, the company fell victim to a ransomware attack that spread aggressively across its network and forced it to shut down its email service and other systems.