Hackers are using Zerologon exploits in attacks in the wild
Microsoft is warning of threat actors that are actively using the Windows Server Zerologon exploits in attacks in the wild. Microsoft has published a series of Tweets to warn of attackers that are...
View ArticleClik here to view.
IPStorm botnet evolves to infect Android, Linux, and Mac devices
Researchers from Intezer reported that the IPStorm botnet has evolved to infect other operating systems, including Android, Linux, and Mac devices. The IPStorm botnet was first uncovered in May 2019...
View ArticleClik here to view.
Using a WordPress flaw to leverage Zerologon vulnerability and attack...
Using a WordPress flaw (File-Manager plugin–CVE-2020-25213) to leverage Zerologon (CVE-2020-1472) and attack companies’ Domain Controllers. Recently, a critical vulnerability called Zerologon –...
View ArticleFour npm packages found opening shells and collecting info on Linux, Windows...
On Thursday, four JavaScript packages have been removed from the npm portal because they have been found containing malicious code. NPM staff removed four JavaScript packages from the npm portal...
View ArticleMicrosoft released out-of-band Windows fixes for 2 RCE issues
Microsoft released two out-of-band security updates to address remote code execution (RCE) bugs in the Microsoft Windows Codecs Library and Visual Studio Code. Microsoft has released two out-of-band...
View ArticleClik here to view.
GravityRAT malware also targets Android and macOS
Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT...
View ArticleThreat actors are actively exploiting Zerologon flaw, Microsoft warns
Microsoft researchers are warning that threat actors are continuing to actively exploit the ZeroLogon vulnerability in attacks in the wild. Microsoft is warning that threat actors are actively...
View ArticleGoogle discloses unpatched Windows zero-day exploited in the wild
Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day...
View ArticleClik here to view.
A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed
Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. The French security researcher Clément Labro discovered a zero-day...
View ArticleGoogle reported that Microsoft failed to fix a Windows zero-day flaw
Google’s Project Zero experts publicly disclosed details of an improperly patched zero-day code execution vulnerability in Windows. White hat hackers at Google’s Project Zero team has publicly...
View ArticleClik here to view.
Sophisticated hacking campaign uses Windows and Android zero-days
Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising...
View ArticleMicrosoft Patch Tuesday for January 2021 fixes 83 flaws, including an...
Microsoft Patch Tuesday security updates for January 2021 address 83 vulnerabilities, including a critical flaw actively exploited in the wild. Microsoft Patch Tuesday security updates for January...
View ArticleClik here to view.
WatchDog botnet targets Windows and Linux servers in cryptomining campaign
PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking...
View ArticleGoogle discloses technical details of Windows CVE-2021-24093 RCE flaw
Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed...
View ArticleClik here to view.
Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and Citizen Lab believe that the secretive Israel-based Israeli...
View ArticleClik here to view.
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444)...
View ArticleClik here to view.
Microsoft warns of attacks exploiting recently patched Windows MSHTML...
Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors,...
View ArticleClik here to view.
Chinese APT IronHusky use Win zero-day in recent wave of attacks
A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in...
View ArticleMalware are already attempting to exploit new Windows Installer zero-day
Vxers are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday. Malware authors are already attempting to use...
View ArticlePatch these 2 Active Directory flaws to prevent the takeover of Windows domains
Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of Windows domains. Microsoft released an alert on a couple of Active...
View Article
