HiveNightmare aka SeriousSAM Vulnerability

Sophie Van Remortel
| Digital Marketing & Content Coordinator

LATEST WINDOWS10 VULNERABILITY ALLOWS UNINTENDED USERS ADMINISTRATIVE ACCESS

Microsoft has issued an urgent security notice regarding HiveNightmare (also known as SeriousSAM), which is a vulnerability that can allow a regular user unintended administrative access to an organization’s network. This is a low external risk and high internal risk to environments as the information exposed could potentially allow a skilled attacker to run programs and administrative tools with full administrative privilege on any domain computer.

As of August 6th, 2021 Microsoft has released a workaround solution for systems that are vulnerable to the HiveNightmare security flaw. No patches have yet been released by Microsoft. If you would like more details regarding this vulnerability, they can be found here.

SWICKtech reviewed the details provided by industry leaders, as well as vulnerable clients that ranged from small to medium size in various industries including manufacturing, distrubution, healthcare, retail, and food and beverage. Through SWICKtech’s remote monitoring and management system, SWICKtech’s Security and Operations Center (SOC) remediated the HiveNightmare vulnerability for all clients. SWICKtech’s clients also have capabilities for detection, should an issue arise. These include cybersecurity software such as Microsoft Defender, Endpoint Detection and Response, and SIEM in some instances.

SWICKtech will continue to monitor the details of the vulnerability, keeping client’s network and data security top priority. Please contact us if you have questions regarding HiveNightmare or cybersecurity.

Stop potential hackers in their tracks.

Related Blogs

Payroll Diversion Fraud Is Targeting Employees

Payroll Diversion Fraud Is Targeting Employees

Costly direct deposit theft scams are on the rise How does it work? Cyber criminals are after employee paychecks that ... Read More >
SWICKtech’s New Cybersecurity Agreement Makes Implementing New Cyber Insurance Requirements Easy

SWICKtech’s New Cybersecurity Agreement Makes Implementing New Cyber Insurance Requirements Easy

You may not know your business is at risk until it's too late The landscape of Information Technology (I.T.) has ... Read More >
What Is the Log4J Vulnerability?

What Is the Log4J Vulnerability?

Log4J is a free and open-source logging library widely used by companies large and small. Officially designated CVE-2021-44228, the 0-day ... Read More >