Data Core Systems

https://datacoresystems.ro/investing-in-zero-trust-cybersecurity-architecture-strengthening-your-companys-defense-against-cyberattacks/

Data Core Systems /Trend Micro highlights commitment to cybersecurity excellence at CyberMAN 2023

We continue our tradition by participating in the CyberMAN 2023 cybersecurity contest. This event brought together participants from various institutions within the national defense system, public order, and national security.
Organized by the Cyber Defense Command of the Ministry of National Defense, CyberMAN 2023 took place online between May 8 – 11. There were present organizations such as the Ministry of National Defense, SRI, STS, SPP, MAI, as well as prominent academic institutions and industry leaders in cyber capabilities.
The contest featured a Capture-The-Flag challenge with different levels of complexity, ranging from easy to medium and hard, and a Red Team/Blue Team exercise.
Participants showcased their skills in various categories, including Web, Cryptography, Steganography, Networking, Forensics, Reverse Engineering, Buffer-overflow, and more.
At Data Core Systems, we firmly sustain continuous skill enhancement. Our participation in CyberMAN 2023 allowed us to test our expertise against various challenges. We are dedicated to staying at the forefront of the rapidly evolving threat landscape, ensuring that we can effectively protect our clients from emerging cyber risks.
We want to thank to the organizers, participants, and partners who made CyberMAN 2023 possible.
Stay tuned for more updates from Data Core Systems as we remain committed to delivering cutting-edge cybersecurity solutions and protecting your valuable digital assets. If you have any cybersecurity needs or questions, please don't hesitate to reach out.

Microsoft advises users to immediately patch their systems against zero-day vulnerability (CVE-2023-23397)

Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) that was assigned a CVSSv3 score of 9.8. It was being used to attack European firms by a hacker collective affiliated with Russia's military intelligence service GRU.
The vulnerability (CVE-2023-23397) was discovered by CERT-UA (the Computer Emergency Response Team for Ukraine), and it is a major security flaw that affects Outlook and allows users to elevate their privileges without having to interact with the system.
By forcing the targets' machines to authenticate to attacker-controlled SMB shares, the hacker gang (identified as APT28, STRONTIUM, Sednit, Sofacy, and Fancy Bear) issued malicious Outlook notes and tasks to steal NTLM hashes via NTLM negotiation requests.
The compromised credentials were used to alter the permissions on the Outlook mailbox folders, which enabled email exfiltration for particular accounts.

Microsoft Outlook vulnerability CVE-2023-23397 mitigations

In order to temporarily mitigate the effects of the assaults, Microsoft advises users to immediately patch their systems against CVE-2023-23397, add users to the Active Directory group known as Protected Users, and restrict outbound SMB (TCP port 445).
To assist administrators in determining whether users in an Exchange infrastructure have been affected by this Outlook vulnerability, Microsoft also issued a specific PowerShell script.