The name of the vulnerability is closely related to the main attack vector exploiting the vulnerability, which is a bug in the configuration of the initialisation vector (IV) when encrypting Netlogon Remote Protocol (MS-NRPC) messages, allowing an internal attacker to fully break the encryption and to pass off as any computer of his choice in the network.

We would like to inform our customers about several critical vulnerabilities in Cisco Discovery Protocol, which an unauthorized attacker can misuse to perform either a Remote Code Execution nebo Denial of Service attack. There are five of these vulnerabilities rated from CVSS 7,4 to 8,8. You can see an identifier for each of the vulnerabilities including their CVSSv3 rating below.

TrickBot malware and Ryuk ransomware activity has grown significantly over the past 48 hours. This activity has been noticed by our technology team in the AEC customer base, across several different segments. Therefore, we recommend taking this warning with the utmost seriousness.

​​We have written several times already about the Android OS vulnerabilities that were found within the Google Zero project. And now, another serious vulnerability has been identified, which not only allows attackers to access SMS text messages, contacts, phone data, it can even give them complete control over a mobile device. This time, however, it is not a vulnerability in the Android operating system, but in the Quram library processing the image files. This library is predominantly used in Samsung mobile phones.

​​Computer systems in medical facilities in Brno and in Kosmonosy paralyzed by recent phishing and security attacks were restored with the help provided by AEC. Specialists working for the leading cyber security provider designed recovery procedures for the internal infrastructure of the compromised systems and recommended steps leading to a significant streamlining and acceleration of the recovery process.

Unauthorized access to e-mail. Potential dangers of malicious code installation, data theft and misuse thereof with social engineering methods. Local companies and institutions are in serious danger connected to the massive attacks on systems using Microsoft Exchange Server. The latest large-scale incident revealed the fact that simple updating is not sufficient for the protection of the company's system.

To defeat hackers, AEC is successfully using a sophisticated solution, efficiency of which significantly exceeds the capabilities of traditional antivirus programmes. Leading cyber security provider’s specialists have repeatedly deployed EDR technology during responses to recent attacks in financial institutions and medical facilities. With help of this technology, they promptly detected the attackers and subsequently prevented them from any further harmful activities.