eSecurity Planet

MARCH 19, 2024

Microsoft, as usual, led the pack in quantity for Patch Tuesday this March with fixes for nearly 59 vulnerabilities including two critical flaws. So far research sites, such as the GreyNoise exploit tracking site , don’t yet see active exploitation trends. The critical vulnerability, CVE-2024-21899 with a CVSS score of 9.8,

Authentication 102

Authentication VPN Software DDOS 102

eSecurity Planet

JUNE 2, 2022

With nearly $200 billion in annual sales, Microsoft is the world’s largest software and information technology (IT) vendor, its products widely used by both companies and consumers. The malware loads itself from remote servers and bypasses Microsoft Defender, according to Nao Sec , a Japanese cybersecurity research team.

Software 99

Software Cybersecurity Accountability Technology 99

Malwarebytes

JULY 12, 2023

An unpatched zero-day vulnerability is currently being abused in the wild , targeting those with an interest in Ukraine. Microsoft reports that CVE-2023-36884 is tied to reports of: …a series of remote code execution vulnerabilities impacting Windows and Office products. A variety of attacks on several fronts, then.

Telecommunications 93

Telecommunications Phishing Software Government 93

Security Affairs

MAY 31, 2022

Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.”

Cybersecurity 111

Cybersecurity Hacking Accountability Information Security 111

Security Affairs

JUNE 21, 2022

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020.

Architecture 113

Architecture Malware Hacking Cybersecurity 113

eSecurity Planet

AUGUST 26, 2021

Microsoft this week issued an advisory about three vulnerabilities referred to collectively as ProxyShell days after security researchers at a federal government cybersecurity agency warned that cybercriminals were actively trying to exploit them. Microsoft Faces Criticism for Response.

Ransomware 117

Ransomware Cybersecurity Manufacturing Engineering 117

eSecurity Planet

NOVEMBER 6, 2023

The past week has been a busy one for cybersecurity vulnerabilities, with 34 vulnerable Windows drivers and four Microsoft Exchange flaws heading a long list of security concerns. QNAP vulnerabilities and npm package supply chain attacks also made our list this week, plus a look at the new CVSS v4.0 The problem: The 9.1

Software 91

Software Education Firmware Ransomware 91

Security Boulevard

AUGUST 18, 2021

Last week, in its Patch Tuesday update, Microsoft Security Response Center released an additional security fix for the series of zero-day vulnerabilities known collectively as “PrintNightmare,” which can be used to break into all versions of Windows computers.

Accountability 59

Accountability Ransomware Cyber Attacks 59

Kali Linux

DECEMBER 4, 2023

Whilst this release may not have the most end-user features in it again, there are a number of new platform offerings and there still has been a lot of changes going on behind-the-scenes for us, which has a positive knock-on effect resulting in a benefit for everyone. The summary of the changelog since the 2023.3

Architecture 145

Architecture Passwords Firmware Software 145

Duo's Security Blog

OCTOBER 25, 2023

Outdated software in particular can be exploited due to vulnerabilities and bugs in the code. The availability of exploit kits that automate the process of targeting known vulnerabilities with malware has made it easier for the weekend hacker to launch attacks. Here are three commonly exploited software types. Can I come in?”

Software 108

Software Mobile Malware Risk 108

Security Affairs

JUNE 6, 2022

A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in Europe and the U.S. An alleged nation-state actor is attempting to exploit the recently disclosed Microsoft Office Follina vulnerability in attacks aimed at government entities in Europe and the U.S.

Phishing 101

Phishing Government Cybersecurity Hacking 101

Security Affairs

MAY 15, 2019

Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS flaw allowing WannaCry -Like attacks. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including a Windows zero-day flaw and an RDS vulnerability that can be exploited to carry out WannaCry -like attack.

Malware 83

Malware Authentication Advertising Accountability 83

Security Affairs

OCTOBER 5, 2020

In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes. RCS has a modular structure that allows it to compromise several targets by loading the necessary zero-day exploits.

Firmware 126

Firmware Spyware Surveillance Hacking 126

Security Affairs

AUGUST 14, 2019

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates. Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘ wormable ‘ issues in Windows Remote Desktop Services. This vulnerability is pre-authentication and requires no user interaction.”

Authentication 83

Authentication Advertising Internet Internet 83

Security Affairs

MARCH 16, 2021

Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. Immediately after the disclosure of the flaws, some PoC exploits were shared online causing a spike in the number of the attacks. ” reads the post published by Microsoft.

Small Business 96

Small Business Manufacturing Banking Hacking 96

Krebs on Security

FEBRUARY 11, 2020

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited.

Backups 55

Backups Malware Internet Internet 55

Security Affairs

SEPTEMBER 12, 2018

Microsoft Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including the recently disclosed zero-day flaw. The Microsoft Patch Tuesday updates for September 2018 includes the zero-day flaw recently disclosed by a researcher via Twitter. Of the 62 CVEs.

Advertising 46

Advertising Engineering Authentication Internet 46

SecureList

AUGUST 15, 2022

New technique for installing fileless malware. Earlier this year, we discovered a malicious campaign that employed a new technique for installing fileless malware on target machines by injecting a shellcode directly into Windows event logs. Mobile statistics. Targeted attacks.

Mobile 80

Mobile Ransomware Malware Encryption 80

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. Business social media platform LinkedIn is being exploited by nation-state threat actors to target UK citizens. Think Before You LinkedIn! The Ransomware Scourge.

Ransomware 124

Ransomware Passwords Scams Government 124

Malwarebytes

JULY 29, 2021

This blog post was authored by Hossein Jazi. docx” (“Manifest.docx”) that downloads and executes two templates: one is macro-enabled and the other is an html object that contains an Internet Explorer exploit. ” Victims are tracked and statistics include whether the IE exploit was successful or not.

Architecture 141

Architecture Social Engineering Cyber Attacks Engineering 141

Security Affairs

MARCH 2, 2019

Today, Microsoft is using VBA macros (Visual Basic for Applications) instead of Excel 4.0 The threat is only detected later when an MSI file (Windows installer) drops and execute the first infection stage of the malware. msiexec.exe process downloads an MSI installer that drops the first stage of the malware. macro code.

Malware 84

Malware Antivirus Technology Phishing 84

Krebs on Security

AUGUST 10, 2021

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. Microsoft said attackers have seized upon CVE-2021-36948 , which is a weakness in the Windows Update Medic service.

Software 302

Software Internet Internet Backups 302

Krebs on Security

OCTOBER 13, 2020

In keeping with that theme, if you (ab)use Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. That means it’s once again time to backup and patch up. 10 is the most awful).

Backups 313

Backups Malware Engineering Software 313

SecureList

NOVEMBER 30, 2021

The report, called Pegasus Project , alleged that the software uses a variety of exploits, including several iOS zero-click zero-days. For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. Supply-chain attacks.

Malware 102

Malware Mobile Spyware Surveillance 102

Malwarebytes

JANUARY 12, 2022

A convincingly-branded message that tells users they need to update their out of date software taps into all the good security messaging users have soaked up, it gives them a reason to install strange software from the Internet, and it carries exactly the right mixture of implied threat and urgency that social engineers like.

Ransomware 142

Ransomware Social Engineering Engineering Software 142

eSecurity Planet

SEPTEMBER 17, 2021

Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. 16 after a proof-of-concept exploit was published earlier in the day on GitHub.

Risk 114

Risk Internet Internet Software 114

SecureList

AUGUST 12, 2021

In their blog, DarkSide’s creators heaped the blame on third-party operators. Another consequence of this high-profile incident was a new rule on the Russian-language forum XSS, where many developers of ransomware, including REvil (also known as Sodinokibi or Sodin), LockBit and Netwalker, advertise their affiliate programs.

Adware 93

Adware Malware Ransomware IoT 93

SecureList

APRIL 27, 2021

This is our latest installment, focusing on activities that we observed during Q1 2021. In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. The most remarkable findings.

Malware 139

Malware Spyware Government Social Engineering 139

Malwarebytes

JULY 13, 2022

However, in a clear bid for the supply chain jugular, threat actors also zeroed in on manufacturing, technology, utilities (including oil), and agriculture. However, in a clear bid for the supply chain jugular, threat actors also zeroed in on manufacturing, technology, utilities (including oil), and agriculture. Top countries.

Ransomware 111

Ransomware Manufacturing Government Computers and Electronics 111

ForAllSecure

MARCH 30, 2022

It’s about how they started with a deliberately misconfigured version of CosmosDB and ended up with complete unrestricted access to the accounts and the databases of thousands of Microsoft Azure customers. We’ve seen hints of this in tv shows such as Mr. Robot. Owner: May I help you with something? Then I decided to hack you.

Firewall 52

Firewall Authentication Encryption Accountability 52

SecureList

JULY 29, 2021

This is our latest installment, focusing on activities that we observed during Q2 2021. Investigating the recent Microsoft Exchange vulnerabilities we and our colleagues from AMR found an attacker deploying a previously unknown backdoor, “FourteenHi”, in a campaign that we dubbed ExCone, active since mid-March.

Malware 141

Malware Phishing Password Management Social Engineering 141