Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

August 13, 2024 at 02:44PM Today, Microsoft’s August 2024 Patch Tuesday addresses 89 flaws with security updates, including six actively exploited and three publicly disclosed zero-days. Additionally, Microsoft is in the process of addressing a tenth publicly disclosed zero-day.

Ukraine CERT: Mass Phishing Campaign Poses as Nation’s Security Service

August 12, 2024 at 02:39PM Ukraine’s CERT-UA discovered malicious software being distributed through emails impersonating the country’s Security Service. The emails contain a link to download a file triggering the ANONVNC malware, allowing attackers to access victims’ devices. More than 100 government devices have been affected, and users are advised to contact CERT-UA if suspicious. …

Entro Extends Industry-leading Non-Human Identity Security Platform

August 9, 2024 at 01:49PM Entro Security, a leader in Non-Human Identity (NHI) and Secrets Management, has announced two groundbreaking features at Black Hat USA: Optical Character Recognition (OCR) support for secret scanning and Employees Tokens Blast Radius. These unique features provide comprehensive insight and governance for secrets and NHI management, empowering security teams with …

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs

August 9, 2024 at 11:25AM A widespread malware campaign installed malicious Google Chrome and Microsoft Edge browser extensions, stealing browsing history and data. Malware employed diverse malvertising themes, infecting victims’ web browsers through fake software installers and digitally signed downloaders. The malware evaded antivirus detection, hijacked browser homepages, and persisted in the system, necessitating manual …

Microsoft 365 anti-phishing feature can be bypassed with CSS

August 7, 2024 at 11:35AM Researchers discovered a method to hide the ‘First Contact Safety Tip’ in Microsoft 365, potentially increasing the risk of users opening malicious emails. Despite reporting the flaw to Microsoft, the tech giant decided not to address it at this time. The technique involves manipulating HTML and CSS to hide the …

New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers

August 7, 2024 at 10:57AM A new Linux kernel exploitation technique named SLUBStick has been uncovered, offering the potential to escalate a limited heap vulnerability to an arbitrary memory read-and-write primitive. This method demonstrates the ability to modify kernel data and overcome existing defenses, but it relies on the existence of a heap vulnerability and …

BlankBot Trojan Targets Turkish Android Users

August 7, 2024 at 02:02AM A threat intelligence firm discovered a malicious Android program, BlankBot, targeting Turkish-language speakers. It can capture screen grabs, keystrokes, and create custom overlays to gather sensitive information. The program is under active development and mostly undetected by anti-malware scanners. Its motive for targeting Turkey is unclear, but it appears to …

Attackers Use Multiple Techniques to Bypass Reputation-Based Security

August 6, 2024 at 05:18PM A study by Elastic Security reveals that reputation-based security controls are less effective at safeguarding organizations against unsafe web applications and content than commonly believed. Attackers have developed techniques like reputation hijacking, reputation seeding, and maliciously signed malware tools to bypass these mechanisms. The study recommends using behavior analysis tools …

Bad apps bypass Windows security alerts for six years using newly unveiled trick

August 6, 2024 at 10:44AM Elastic Security Labs revealed various methods for attackers to run malicious apps undetected by Windows’ security features. One method, “LNK Stomping,” exploits a bug in Windows’ handling of shortcut files to bypass SmartScreen and Smart App Control. Elastic engaged with Microsoft about the issue, but no immediate fix is promised. …

Ransomware gang targets IT workers with new SharpRhino malware

August 5, 2024 at 05:15PM Hunters International ransomware group has launched the SharpRhino remote access trojan (RAT) to target IT professionals, using it to breach corporate networks and deploy ransomware. The malware is disseminated through typosquatting and impersonation. Notable victims include Austal USA, Hoya, Integris Health, and the Fred Hutch Cancer Center. Quorum Cyber discovered …