October 17, 2024 at 05:04PM The ClickFix campaign, emerging in May, lures users to fake Google Meet pages leading to malware infections via fraudulent connectivity errors. It has evolved to target firms with phishing tactics and impersonates legitimate tools. Two threat groups, SNE and Scamquerteo, are behind this rise in cyberattacks, exposing various malware risks. … Read more
October 16, 2024 at 07:45AM North Korean group ScarCruft exploited a zero-day vulnerability (CVE-2024-38178) in Windows to deploy RokRAT malware via a compromised advertising server. Users are tricked into clicking malicious links. This incident showcases ScarCruft’s evolving techniques, emphasizing the need for software updates to enhance security against such threats. ### Meeting Takeaways – October … Read more
October 13, 2024 at 02:30PM Apple released updates for iTunes 12.13.3 for Windows on September 12, 2024, addressing two vulnerabilities: CVE-2024-44193, which involves logic issues allowing privilege escalation, and CVE-2024-44157, a stack buffer overflow affecting system stability when handling malicious video files. Updates are available for Windows 10 and later. ### Meeting Notes Summary **Apple … Read more
October 10, 2024 at 03:24PM Microsoft’s new Administrator Protection feature in Windows aims to strengthen security by limiting local administrator privileges. It transforms privilege elevation into a “just-in-time” event, utilizing a temporary shadow account that disappears post-task, making it harder for attackers to exploit administrative access. This enhances overall system security and monitoring capabilities. ### … Read more
October 8, 2024 at 07:40PM Patch Tuesday released 117 Microsoft patches, addressing serious vulnerabilities including CVE-2024-43572, a high-risk flaw allowing unauthorized code execution, and CVE-2024-43573, a moderate spoofing issue. Adobe and SAP also issued numerous updates, with notable concerns in BusinessObjects and Apache Log4j related to their respective vulnerabilities. ### Meeting Takeaways **Patch Tuesday Overview … Read more
September 16, 2024 at 09:36PM Microsoft has confirmed that a recently patched Internet Explorer vulnerability, CVE-2024-43461, was exploited as a zero-day before it was fixed. The flaw allowed malicious actors to hide the true file-type extension of a downloaded file, enabling the execution of malicious code. This exploit was used by the Void Banshee gang … Read more
September 16, 2024 at 03:56PM CISA orders U.S. federal agencies to secure systems against a Windows MSHTML spoofing bug exploited by the Void Banshee APT group. The vulnerability (CVE-2024-43461) was exploited before being fixed, allowing attackers to execute code on unpatched Windows systems. The vulnerability has been added to CISA’s Known Exploited Vulnerabilities catalog, and … Read more
September 11, 2024 at 03:45AM Microsoft disclosed three new security flaws impacting the Windows platform, with 79 vulnerabilities addressed in the September 2024 Patch Tuesday update. Seven are rated Critical, 71 Important, and one Moderate. Exploited vulnerabilities include CVE-2024-38014, CVE-2024-38217, and CVE-2024-38226. Additional security updates were released by various vendors to address vulnerabilities. Based on … Read more
September 10, 2024 at 02:23PM Microsoft has released the KB5043064 cumulative update for Windows 10 22H2 and 21H2, including 6 fixes and security updates fixing 142 vulnerabilities. Users can install it manually or schedule an update time. It addresses various issues, including Bluetooth and BitLocker bugs. However, there are issues with account profile pictures and … Read more
September 2, 2024 at 12:24AM Developers of Roblox are being targeted by a persistent campaign that uses fake npm packages to compromise systems, mimicking the popular ‘noblox.js’ library. Attackers employ brandjacking and starjacking to give a facade of legitimacy. Malicious packages steal data and deploy malware, with the end goal being to deploy Quasar RAT … Read more