A tumultuous, titanic Patch Tuesday as Microsoft makes some changes
Credit to Author: Angela Gunn| Date: Wed, 10 Apr 2024 07:04:39 +0000
The largest CVE count in recent history rolls out
Read moredrivers
It’ll be back: Attackers still abusing Terminator tool and variants
Credit to Author: Matt Wixey| Date: Mon, 04 Mar 2024 11:00:08 +0000
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions
Read moreMultiple vulnerabilities discovered in widely used security driver
Credit to Author: Angela Gunn| Date: Thu, 25 Jan 2024 19:00:52 +0000
A false-alarm incident involving Panda Security software leads to three very real CVEs
Read moreMicrosoft Revokes Malicious Drivers in Patch Tuesday Culling
Credit to Author: Andrew Brandt| Date: Tue, 11 Jul 2023 17:20:38 +0000
In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft issued Security Advisory ADV230001 as part of their July Windows Update that addresses Sophos’ discovery of more than […]
Read more2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory
Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000
Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight
Read moreSigned driver malware moves up the software trust chain
Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000
The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate
Read more