Bruin Learn access is restored. UCLA Digital and Technology Solutions and Bruin Learn administrators are continuing to monitor for delays or unexpected issues with the restoration of UCLA’s Canvas environment. If you continue to experience any issues with Bruin Learn, please reach out to BruinLearn-Support@it.ucla.edu

10.0 Critical: CVE-2020-0796 and NetWalker Ransomware

June 07, 2020
Security Advisory

Summary:

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

CVE-2020-0796 Base Score: 10.0 CRITICAL

Allows for unauthenticated code execution, at first it was local, but remote code execution POCs have been published now.

Michigan State University was ransomed via CVE-2020-0796 (SMBv3 pre-auth execution) and the story mentioned Netwalker.

BleepingComputer

NetWalker Ransomware Operators Targets Columbia College of Chicago

Once again, the Net-Walker ransomware operators trap a big fish in their net. In this instance, they targeted the Columbia College of Chicago and leaked their confidential data online.

Cyble

10.0 Critical: CVE-2020-0796 and NetWalker Ransomware

Summary:

NetWalker Ransomware Operators Targets Columbia College of Chicago

Bruin Learn Access Restored

Security Incident at Instructure (Canvas)

Linux Kernel Local Privilege Escalation Vulnerability (Copy Fail)

Action Required: New Logon Security Protocols to Access UCPath

Beware of Impersonation and Social Engineering During Emergencies