August 15, 2024 at 07:33AM A cybercrime group linked to RansomHub ransomware has been using a new tool, EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This tool is a delivery mechanism for vulnerable drivers and can deliver different driver payloads. It’s important to keep systems updated and enable tamper protection in … Read more
March 14, 2024 at 02:54PM Summary: Apple ID HT214091 released an update on December 14, 2023, addressing CVE-2023-42938, a logic issue with improved checks. The impact is that a local attacker may elevate their privileges. The affected product is the Mobile Device Service, with the update available for Windows 10 and later. Based on the … Read more
February 8, 2024 at 01:55PM Microsoft introduced ‘Sudo for Windows,’ a new feature in Windows 11, enabling users to run elevated commands from unelevated terminals. They recommend Gerardo Grignoli’s gsudo as an alternative with more features. The tool is being rolled out to Windows Insiders and will only be available on non-server builds. Microsoft plans … Read more
October 18, 2023 at 07:00AM Tens of thousands of Cisco devices have been hacked through a newly disclosed zero-day vulnerability, CVE-2023-20198. Cisco is working on a patch, but in the meantime, customers are advised to implement mitigations. The vulnerability allows attackers to gain elevated privileges and complete control over targeted systems. Cybersecurity companies have observed … Read more