Cyber Security News
Published 15/01/2020

Il 14 Gennaio la National Security Agency (NSA) ha diramato un comunicato contenente i dettagli di una vulnerabilità che affligge sistemi Microsoft Windows (Windows 10, Windows Server 2016/2019).

La vulnerabilità (CVE-2020-0601) impatta il processo di validazione dei certificati e potrebbe essere sfruttata in modalità e vettori differenti:

  • connessioni HTTPS
  • file ed email firmati con certificato
  • eseguibili firmati con certificato

Mitigazione

Si consiglia di mantenere aggiornati i sistemi, applicando il prima possibile le patch di sicurezza del mese in corso, incrementando il livello di monitoraggio dei sistemi critici ed in particolar modo dei sistemi esposti su rete pubblica.

Fonti

Media Defense Gov

Microsoft Security Advisory:

ALERTCVE-2020-0601

Related articles

Cyber Security News
March 25, 2026

TeamPCP: The Rise of Cloud-Native Extortion and Supply Chain Attacks

TeamPCP: The Rise of Cloud-Native Extortion and Supply Chain Attacks TeamPCP is […]
supply-chainteampcpthreat
Learn more
Malware Analysis
March 23, 2026

Protected: Matanbuchus – Malware Analysis

There is no excerpt because this is a protected post.
charonmalwarematanbuchusmatanbuchus 3.0ransomware
Learn more
Tactical analysis of Storming Tide criminal campaign infrastructure and data exfiltration techniques - image generated by Google Gemini
DefenceFeatured
March 13, 2026

Operation Storming Tide: A massive multi-stage intrusion campaign

In February 2026, the Fortgale Incident Response team investigated a multi-stage intrusion attributed to Mora_001, a Russian-origin threat actor exploiting Fortinet vulnerabilities. The campaign, internally dubbed "FortiSync Quasar," revealed an evolution from ransomware operations to strategic espionage, deploying Matanbuchus 3.0, Astarion RAT, and SystemBC. Rapid containment prevented any data exfiltration.
EspionageForescoutFortgalefortinetmatanbuchusmora_001ransomwarereportSentinelOnestorming tide
Learn more