PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

August 27, 2024 at 05:06PM Security researcher “Ynwarcs” has disclosed a zero-click vulnerability in Windows TCP/IP, known as CVE-2024-38063, allowing remote code execution on systems with IPv6 enabled. The exploit affects Windows 10, 11, and Server, with an available proof-of-concept on GitHub. Users are urged to apply Microsoft’s latest security updates promptly.

Hackers now use AppDomain Injection to drop CobaltStrike beacons

August 23, 2024 at 12:33PM A series of attacks since July 2024 have utilized a less common method known as AppDomain Manager Injection to exploit Microsoft .NET applications on Windows, posing a significant security threat.

Microsoft confirms August updates break Linux boot in dual-boot systems

August 22, 2024 at 12:35PM Microsoft has acknowledged that the August 2024 Windows security updates are causing issues for dual-boot systems with Secure Boot enabled, particularly affecting Linux booting. The problem stems from a Secure Boot Advanced Targeting update that blocks Linux boot loaders left unpatched against a specific vulnerability. Microsoft is working on a fix and … Read more

August Windows security update breaks dual boot on Linux systems

August 21, 2024 at 11:05AM August 2024 Windows security updates are causing issues for dual-boot on some Linux systems with Secure Boot enabled. Microsoft applied a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 vulnerability, impacting various Linux distributions. The affected users are experiencing “Verifying shim SBAT … Read more

Windows driver zero-day exploited by Lazarus hackers to install rootkit

August 19, 2024 at 11:37PM The North Korean Lazarus hacking group exploited a zero-day flaw in Windows AFD.sys driver to install the FUDModule rootkit on targeted systems. Microsoft fixed the flaw (CVE-2024-38193) in August 2024, along with seven other zero-day vulnerabilities. Gen Digital warned about the activities and targeting of the notorious group, which is … Read more

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections

August 16, 2024 at 06:10AM Trend Micro’s Zero Day Initiative (ZDI) revealed a zero-day vulnerability, CVE-2024-38213, named Copy2Pwn, which cybercriminals exploited to bypass Windows protections. Microsoft fixed this flaw in June 2024 but only disclosed it in August. ZDI discovered it during the analysis of attacks by a threat group named Water Hydra for bypassing … Read more

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

August 15, 2024 at 07:33AM A cybercrime group linked to RansomHub ransomware has been using a new tool, EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This tool is a delivery mechanism for vulnerable drivers and can deliver different driver payloads. It’s important to keep systems updated and enable tamper protection in … Read more

Microsoft fixes issue that sent PCs into BitLocker recovery

August 13, 2024 at 02:08PM Microsoft has resolved an issue where some Windows devices were booting into BitLocker recovery after installing the latest Windows security updates.

Adobe Calls Attention to Massive Batch of Code Execution Flaws

August 13, 2024 at 01:45PM Adobe released 72 security vulnerability fixes for various products, warning Windows and macOS users of code execution and denial-of-service risks. Critical flaws were addressed in Adobe Acrobat, Reader, Illustrator, Photoshop, InDesign, Commerce, Bridge, Substance 3D Stager, Substance 3D Sampler, Substance 3D Designer, and InCopy, urging users to update to the … Read more

CLFS Bug Crashes Even Updated Windows 10, 11 Systems

August 12, 2024 at 02:02PM A flaw in the CLFS driver triggers blue screen crashes across various Windows versions. The bug involves inadequate validation of log file data, enabling attackers to cause system crashes at will. Despite a medium security score, the issue remains unresolved, posing potential disruption to business operations. Microsoft is yet to … Read more