VMware urges admins to remove deprecated, vulnerable auth plug-in

February 20, 2024 at 04:05PM VMware warns administrators to remove a deprecated authentication plugin because of security vulnerabilities that enable attackers to hijack privileged sessions and relay Kerberos tickets. To address the flaws, uninstall the plugin and stop its associated Windows service using PowerShell commands. The company stated there is no evidence of exploitation, and advises …

Zoom Patches Critical Vulnerability in Windows Applications

February 14, 2024 at 09:03AM Zoom patched seven vulnerabilities in its desktop and mobile applications, including a critical-severity bug in Windows software (CVE-2024-24691). The company also addressed high-severity and medium-severity flaws, warning of potential exploitation for conducting denial-of-service attacks or leaking information. Users are urged to update their applications to the latest releases. No reported …

Windows 10 KB5034763 update released with new fixes, changes

February 13, 2024 at 03:28PM Microsoft has released the KB5034763 cumulative update for Windows 10 21H2 and 22H2. It includes compliance with Europe’s Digital Markets Act and security updates. The update introduces no new features but focuses on bug fixes, including an improved weather experience and fixing known issues. See BleepingComputer for detailed information. …

Microsoft Confirms Windows Exploits Bypassing Security Features

February 13, 2024 at 02:57PM Microsoft has issued a large set of security software updates, highlighting three vulnerabilities being exploited in live malware attacks. The updates address 72 security flaws in the Windows ecosystem, warning of risks including remote code execution and privilege escalation. Meanwhile, Adobe has patched 30 security flaws and urged users to …

PurpleFox malware infects thousands of computers in Ukraine

February 1, 2024 at 02:11PM CERT-UA warns about the PurpleFox malware infecting over 2,000 computers in Ukraine. The malware, first seen in 2018, has evolved to use WebSocket for stealthy command and control communications. CERT-UA provides detailed information on how to locate and remove the malware and recommends measures to prevent further spread. …

‘CherryLoader’ Malware Allows Serious Privilege Execution

January 25, 2024 at 12:52PM Researchers have detected a threat actor utilizing a new, sophisticated downloader named “CherryLoader” to gain admin-level access on systems. The attacker also utilized privilege escalation tools from the “potato” family. CherryLoader’s notable feature is its ability to swap payloads without recompiling code, enhancing flexibility and evading detection. Based on the …

High-Severity Vulnerability Patched in Splunk Enterprise

January 23, 2024 at 09:12AM Splunk announced patches for multiple vulnerabilities, including a high-severity bug (CVE-2024-23678) affecting Splunk Enterprise on Windows, allowing unsafe deserialization leading to potential denial of service, application logic abuse, or code execution. Other medium-severity vulnerabilities and flaws in third-party packages were also resolved in versions 9.0.8 and 9.1.3. Splunk recommends upgrading …

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

January 16, 2024 at 02:45AM Threat actors exploit a patched security flaw in Microsoft Windows to deploy the Phemedrone Stealer, targeting web browsers, cryptocurrency wallets, and messaging apps. The flaw, CVE-2023-36025, allows attackers to bypass Windows SmartScreen protection. Although the flaw has been patched, threat actors find ways to exploit it, highlighting their flexibility in adapting attack …

Microsoft’s January 2024 Windows Update Patches 48 New Vulnerabilities

January 10, 2024 at 01:06AM In January 2024, Microsoft addressed 48 security flaws in its software, with 2 rated Critical and 46 Important. No evidence indicates active attacks, marking the second consecutive Patch Tuesday with no zero-days. This includes fixes for vulnerabilities in the Chromium-based Edge browser. Other vendors have also released security updates to …

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs

January 9, 2024 at 02:11PM Microsoft’s January 2024 Patch Tuesday addresses 49 flaws and 12 remote code execution vulnerabilities. Notably, a Windows Kerberos Security Feature Bypass and a Hyper-V RCE were classified as critical. Microsoft also addressed an Office Remote Code Execution Vulnerability and other flaws. Other vendors released updates, including .NET, Azure, Microsoft Edge, …