Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

November 14, 2024 at 01:33AM A newly patched Windows NT LAN Manager (NTLM) vulnerability (CVE-2024-43451) was exploited by a Russia-linked actor in attacks on Ukraine, enabling the theft of user hashes via infected documents. The attack involves phishing emails linking to malicious files, leading to potential financial theft within an hour of compromise. ### Meeting …

Windows Themes zero-day bug exposes users to NTLM credential theft

October 30, 2024 at 05:35PM A zero-day vulnerability in Windows Themes allows attackers to steal NTLM credentials. Acros Security provides a free micropatch to address the issue while Microsoft awaits an official fix. Exploitation requires user interaction, such as copying a malicious theme file. Users are advised to apply the micropatch promptly for protection. ### …

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices

October 24, 2024 at 06:06AM The Lazarus Group exploited a now-patched zero-day vulnerability in Google Chrome to control devices, targeting individuals in the cryptocurrency sector via a fake game website. Disguised as a decentralized finance game, the attack, discovered by Kaspersky, began in February 2024 and involved advanced social engineering tactics. ### Meeting Takeaways on Lazarus …

Fortinet Confirms Zero-Day Exploit Targeting FortiManager Systems

October 23, 2024 at 04:07PM Fortinet has confirmed zero-day exploits targeting a remote code execution vulnerability in the FortiManager platform, which has a CVSS severity score of 9.8/10. The information was reported by SecurityWeek. ### Meeting Takeaways – **Subject**: Zero-Day Exploit in FortiManager – **Vendor**: Fortinet – **Issue**: Confirmation of zero-day exploits affecting a remote …

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

October 23, 2024 at 02:08PM The North Korean Lazarus hacking group exploited a Google Chrome zero-day (CVE-2024-4947) through a fake DeFi game, targeting cryptocurrency users. Discovered by Kaspersky on May 13, 2024, the exploit gained access to sensitive data. Google issued a fix by May 25, 2024, addressing the vulnerability. ### Meeting Takeaways: **Incident Overview:** …

DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

October 20, 2024 at 09:07PM APT37, a North Korea-backed group, exploited a zero-day vulnerability in Internet Explorer to launch a zero-click attack on South Korean targets via a compromised ad program, delivering malware instead of ads. The malware is known as RokRAT, and Microsoft has since patched the vulnerability. Legacy applications remain at risk. ### …

Zero-Day Breach at Rackspace Sparks Vendor Blame Game

October 2, 2024 at 02:00PM The breach at Rackspace highlights software supply chain vulnerability, causing a blame game among vendors over an exploited zero-day. This underscores the importance of supply chain security. Based on the meeting notes, the key takeaway is that a breach at Rackspace has highlighted the vulnerability of the software supply chain, …

Google Warns of Exploited Chrome Vulnerability

August 27, 2024 at 06:24AM Google warns of an in-the-wild exploited bug, tracked as CVE-2024-7965, in Chrome 128.0.6613.84. A flawed implementation in the V8 JavaScript engine allows remote attackers to exploit heap corruption through crafted HTML pages, potentially executing code or accessing sensitive information. The US CISA added the bug to the Known Exploited Vulnerabilities catalog, urging …

Google Patches Sixth Exploited Chrome Zero-Day of 2024

August 22, 2024 at 06:21AM Google has released Chrome 128, addressing 38 vulnerabilities, including 20 reported by external researchers. Seven high-severity flaws were identified, with one exploited in the wild as a zero-day (CVE-2024-7971). The update also resolves other high, medium, and low-severity bugs and includes bug bounty rewards totaling $95,000. Users are urged to …

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches

August 10, 2024 at 01:45AM Microsoft has disclosed an unpatched zero-day in Office (CVE-2024-38200) that could lead to unauthorized disclosure of sensitive information to malicious actors. A patch is expected on August 13, with an alternative fix already enabled. Three mitigation strategies have been outlined. Microsoft is also working on addressing other zero-day flaws in …