New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

January 25, 2024 at 02:30AM

CherryLoader, a new Go-based malware loader, has been discovered by threat hunters. It masquerades as the legitimate CherryTree note-taking application to trick victims. The loader delivers privilege escalation tools and can swap out exploits without recompiling code. Its distribution method is unknown, but it is contained in a RAR archive …

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

January 17, 2024 at 09:57AM

PAX Technology’s PoS terminals have high-severity vulnerabilities that could allow threat actors to execute arbitrary code. The STM Cyber R&D team discovered six flaws, including privilege escalation and local code execution, impacting various PAX devices. The vulnerabilities were responsibly disclosed to PAX, and patches were released in November 2023. Key …

Webinar: The Art of Privilege Escalation – How Hackers Become Admins

January 17, 2024 at 06:39AM

The upcoming webinar, “The Art of Privilege Escalation – How Hackers Become Admins,” presented by Joseph Carson, aims to equip IT security experts with the knowledge, tools, and strategies to counter cyber threats. Attendees will delve into the mind of cyber attackers, learn to detect privilege escalation attempts, and develop …

Protect your Active Directory from these Password-based Vulnerabilities

December 14, 2023 at 11:25AM

Active Directory (AD) is a prime target for threat actors due to its role in identity management. Vulnerabilities like Kerberoasting, password spraying, default credentials, and privilege escalation pose significant risks. Specops Password Policy and Specops Password Auditor offer solutions to safeguard against these threats, through strong password enforcement and breach …

Privilege elevation exploits used in over 50% of insider attacks

December 8, 2023 at 12:20PM

Insider threats using privilege escalation flaws are on the rise, with 55% of incidents relying on privilege escalation exploits and 45% introducing risks through downloading risky tools. CrowdStrike reports that insider attacks cost an average of $648,000 for malicious and $485,000 for non-malicious incidents. Additionally, introducing flaws into networks increases …

Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads

November 28, 2023 at 05:08PM

Researchers have discovered three unpatched vulnerabilities in Ray, an open source framework used for scaling AI and machine learning workloads. These vulnerabilities could allow attackers to gain operating system access, execute remote code, and escalate privileges. Anyscale, the company that sells a managed version of Ray, has not yet addressed …

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

November 28, 2023 at 08:06AM

A design flaw in Google Workspace’s domain-wide delegation (DWD) feature poses a serious security risk, allowing threat actors to gain unauthorized access to Workspace APIs. The flaw, called DeleFriend, can be exploited by manipulating existing delegations in Google Cloud Platform and Workspace. It enables theft of emails, data exfiltration, and …

‘CacheWarp’ AMD VM Bug Opens the Door to Privilege Escalation

November 16, 2023 at 04:02PM

Researchers have discovered a vulnerability in AMD CPUs that can be exploited to undermine memory protections in cloud environments. Known as CacheWarp, this vulnerability impacts first- through third-generation EPYC processors. Attackers can use the vulnerability to gain unauthorized access and perform privilege escalation. AMD has released a microcode patch for …

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

November 15, 2023 at 02:57AM

Intel has released fixes for a high-severity flaw called Reptar that affects its desktop, mobile, and server CPUs. The vulnerability, tracked as CVE-2023-23583, allows for privilege escalation, information disclosure, denial of service, and bypassing of security boundaries. Intel has published updated microcode for all affected processors and there is currently …

Another month, another bunch of fixes for Microsoft security bugs exploited in the wild

November 14, 2023 at 07:42PM

Microsoft’s November Patch Tuesday fixes around 60 vulnerabilities, including three that have already been exploited. These include privilege-escalation vulnerabilities in Windows Desktop Manager and Windows Cloud Files Mini Filter Driver, as well as a security feature bypass flaw in Windows Defender SmartScreen. Additionally, Adobe patched 76 vulnerabilities across its products, …