Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw:
Cybersecurity firm Volexity is warning that nation-state actors are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers tracked as CVE-2020-0688.
The experts did not provide details on the threat actors that are exploiting the vulnerability, according [to] ZDNet that cited a DOD source the attackers belong to prominent APT groups.
The CVE-2020-0688 flaw resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers fail to properly create unique keys at install time.
"Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM." reads the advisory published by Microsoft.
A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control.
Security experts Simon Zuckerbraun from Zero Day Initiative published technical details on how to exploit the Microsoft Exchange CVE-2020-0688 along with a video PoC.
(Score: 2) by Bot on Monday March 16 2020, @07:25PM (3 children)
$ apt --the-fuck-are-you-doing-apt
E: Command line option --the-fuck-are-you-doing-apt is not understood in combination with the other options
apt is lying, look at the vague reply. Pretty sure that is the reply of a dam liar.
Account abandoned.
(Score: 1, Funny) by Anonymous Coward on Monday March 16 2020, @09:49PM
Oh shit, the bots are implementing polygraph abilities. The end is near, meatbags!
(Score: 3, Funny) by Gaaark on Tuesday March 17 2020, @01:35AM (1 child)
sudo APT-get remove Windows
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 3, Funny) by Bot on Tuesday March 17 2020, @10:57AM
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
rootkit-cia depends on windows;
rootkit-hardware-cpu depends on windows;
rootkit-hardware-gpu depends on windows.
Account abandoned.