Patch Your DNS Servers! SigRed
KB ID 0001687 Problem WARNING: This is rated 10 on the CVSS scale. Affected Server OS: Windows 2003, Windows 2008, Windows 2008 R2, Windows 2012, Windows 2012 R2, Windows 2016, Windows 2019 Yesterday Microsoft released a critical notice (KB4569509) to address vulnerabilities identified in (CVE-2020-1350). Basically it allows a remote attacker to perform remote code execution on your DNS servers (unless you patch them!) The reason its...
Cisco ASA – Disable SSLv3 (Force TLSv1.0) – Mitigate POODLE
KB ID 0001052 Problem By default the Cisco ASA will allow connection via SSLv3. The POODLE exploit works by forcing SSL to fall back to SSLv3 and then decrypting that communication. However you are still not completely protected as per this Threat Validation, so the ASA platform can still be attacked via TLSv1.0. Note: At time of writing TLSv1.2 is not supported, but it is on the road-map for version 9.3(2). So this procedure will not...