What is Vulnerable & SMBGhost ? How To Protect With Total security

-
what is Vulnerable & SMBghost protect with total security


More than 100 Thousand Systems are Still Vulnerable to SMBGhost

Microsoft fixed the SMBGhost vulnerability (CVE-2020-0796) in Windows SMBv3 back in March this year, but more than 100 thousand systems are still vulnerable.

SMBGhost affects Windows 10 and Windows Server 2019, and CVSS scored a maximum of 10 on the CVSS vulnerability rating scale. The vulnerability exists in version 3.1.1 of the Microsoft Server Message Block (SMB) protocol, the same one used by cybercriminals to distribute ransomware WannaCry in 2017.

As a fix for the vulnerability, Microsoft has released KB4551762 update for Windows 10 (versions 1903 and 1909) and Windows Server 2019 (versions 1903 and 1909). Alternatively, the company also suggested that administrators disable SMBv3 compression using PowerShell. To protect clients from external attacks, you must block TCP port 445 at the network perimeter border. Due to this, Kopriva also checked through Shodan how many IP addresses with open ports 445 are available over the Internet. As it turns out, almost 8% of all IP addresses have port 445 open.

System administrators are strongly encouraged to install this hotfix as there are a number of PoC exploits available on the web. Although most attempts to exploit SMBGhost end in denial of service or escalation of privileges, in June of this year someone using the alias Chompie published a PoC exploit that allows remote code execution.

Fixed Dangerous Privilege Escalation Vulnerabilities in NVIDIA DGX Servers

To exploit the problems, criminals need network access to the DGX Server AMI Baseboard Management Controller software.

NVIDIA has released a security update for NVIDIA DGX-1, DGX-2, and DGX A100 servers that addresses multiple vulnerabilities in AMI Baseboard Management Controller (BMC) firmware. Their exploitation allows an attacker to remotely execute code, increase privileges on a system, or disclose information. To exploit the problems, criminals need network access to the DGX's BMC.

A total of 9 vulnerabilities were fixed. The most dangerous of them (CVE-2020-11483) received a score of 9.8 on the CVSS v3.1 scale and affects the AMI BMC firmware of NVIDIA DGX servers. The problem stems from the fact that the firmware contains built-in credentials that can allow privilege escalation or information disclosure.

The vulnerabilities were discovered by specialists Sergey Gordeichik, Roman Palkin, Denis Kolegov and Maria Samoilova (CVE ‑ 2020‑11483, CVE ‑ 2020‑11487, CVE ‑ 2020‑11489, CVE ‑ 2020‑11484, CVE ‑ 2020‑11615, CVE ‑ 2020‑ 11616, CVE ‑ 2020‑11486, CVE ‑ 2020‑11488, and CVE ‑ 2020‑11485).

NVIDIA strongly recommends that users update to the latest software. As a preventive measure, it is recommended to restrict connectivity to the BMC, including the web user interface, to trusted management networks.

To keep your computer and data safe, it’s smart to take proactive and reactive security measures
Your first line of defence is to be proactive by using comprehensive Total security software, like Total Security, that protects against both known and unknown threats.
This Total security checklist to be sure you are doing everything you can to help keep your information protected from the security risks associated with vulnerabilities to SMB Ghost
Install a proactive and comprehensive Total security, software to help block known and unknown threats to vulnerabilities.
 

 

  

Comments

Post a Comment

Popular posts from this blog

How to Protect Yourself Against Scams?

-
Image
The world is more and more complicated to live, everyone realizes it.  On the Internet, we sometimes feel like we are in the middle of a battlefield and we don't know how to protect ourselves against the myriad threats.  Small survival guide in several parts ... Your beloved Panoptinet site is not immune to attacks, far from it.  Protecting it against flooding attempts, malicious content in comments and keeping it in working order is an ongoing struggle.  This activity leaves us too little time to enrich the content of the site.  Alas. From the moment a site obtains certain popularity, which is the case of Panoptinet with more than 7.7 million users since its creation, it becomes the target of spammers and scammers of all kinds.  Make no mistake, the target is always you: the readers.  The site is then one of the vectors of an attack. We are not going to make a list of the attacks that target you but, over time, give you as many keys as possible to hel...
Read more

Protection of the Network Perimeter From Virus Attacks | Free Antivirus Software

-
Image
The latest epidemics of Wannacry and Expetya ransomware viruses, which were widely covered by the media, once again showed that even in large corporate networks there are problems of insufficient readiness of the used protection tools against information threats to virus attacks. The situation is even worse in medium and small businesses, small government and departmental networks, educational institutions, whose information security budgets were often allocated only to anti-virus software for workstations, which is no longer enough to protect against modern threats. Currently, malware developers widely use the practice of preliminary testing of their own software for detection by dozens of anti-viruses. Therefore, as a rule, there is no need to rely on heuristic algorithms of antiviruses and proactive protection. And the signatures of malicious programs enter the anti-virus databases only a few hours after the start of large-scale outbreaks. By this time, on infected devices, the work...
Read more

Why Not to Restart Your Computer if It Is Infected With the Ransomware | Total Security

-
Image
The Internet has made our lives easy, especially in the field of online buying and selling, but with simplicity come greater challenges. One of the main issues that come with shopping online is its security concerns. So far this year, more than a thousand shoppers in Australia alone have reported cases of online shopping fraud, and 56.6 percent of those cases come with massive financial losses. As the Internet has become our daily tool for trading, investing, and consuming content, we cannot stop buying and selling online, although we are at risk of phishing from scammers who get richer by defrauding users, so we can do a lot to prevent our money from being stolen and defrauded. Buying from various online stores. This article provides practical advice for smart shopping online. These tips are classified into two parts: 1- Prevention Tips - How to protect yourself from fraud and deception while shopping on the Internet? 2- Tips - What do you do after being deceived? 1- How to protect yo...
Read more