Get a Pentest and security assessment of your IT network.

Cyber Security

New Windows 10 SMBv3 flaw can be used for data theft, RCE attacks

A new security vulnerability was found in the compression mechanism of the Microsoft Server Message Block 3.1 (SMBv3) network communication protocol used by multiple versions of Windows 10 and Windows Server. The security flaw, tracked as CVE-2020-1206 and named SMBleed, was discovered in the same function behind SMBGhost, a pre-auth remote code execution (RCE) vulnerability tagged as “wormable”” by Microsoft and patched in March. ZecOps has released two proof-of-concepts (PoC) together with the security advisory detailing their findings.”

Source: https://www.bleepingcomputer.com/news/security/new-windows-10-smbv3-flaw-can-be-used-for-data-theft-rce-attacks/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation