SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Patch Tuesday highlighted by DNS bug, critical vulns affecting Intel and AMD
Description: Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. While only a few vulnerabilities are considered critical, users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation. The security updates cover several different products including the Hyper-V engine, Microsoft Word and the rest of the Microsoft Office suite of products. Six of the critical vulnerabilities that Microsoft fixed this month could allow an adversary to execute remote code by exploiting the RemoteFX feature in the Windows Hyper-V engine. These bugs affect some Intel and AMD drivers.
Snort SIDs: 54509 - 54511, 54516 - 54518, 54521 - 54525, 54534, 54535
Title: NetSupport RAT among biggest threats to government agencies
Description: The U.S. Department of Homeland Security recently released a report outlining the three most popular malware families its intrusion prevention system detects. The NetSupport remote access tool leads the group, followed by the Kovter trojan and the XMRig cryptocurrency miner. The NetSupport Manager RAT leverages legitimate administration software to infect victim machines and then remotely take control of them.
Snort SIDs: 54496