A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Credit to Author: Eric Avena| Date: Wed, 07 Aug 2019 23:50:25 +0000

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.

The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security.

Read more

A new Equation Editor exploit goes commercial, as maldoc attacks using it spike

Credit to Author: Gabor Szappanos| Date: Thu, 18 Jul 2019 16:00:18 +0000

Weaponized RTF documents adopt CVE-2018-0798, another Equation Editor vulnerability<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/ltjXsAajVFc” height=”1″ width=”1″ alt=””/>

Read more

CVE-2019-0888: Use-After-Free in Windows ActiveX Data Objects (ADO)

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jul 2019 14:00:58 +0000

Details of the vulnerability we reported to Microsoft and was fixed in last month’s Patch Tuesday<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-BE2g_tELic” height=”1″ width=”1″ alt=””/>

Read more

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags:

(Read more…)

The post Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability appeared first on Malwarebytes Labs.

Read more

4 Lessons to be learned from the DOE’s DDoS attack

Credit to Author: Kayla Matthews| Date: Fri, 17 May 2019 15:59:32 +0000

The Department of Energy was subject to a DDoS attack that caused major disruptions in their operations. Is the smart grid ready for such an attack? Here are the lessons we can take away from the event.

Categories:

Tags:

(Read more…)

The post 4 Lessons to be learned from the DOE’s DDoS attack appeared first on Malwarebytes Labs.

Read more

Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags:

(Read more…)

The post Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability appeared first on Malwarebytes Labs.

Read more

CVE-2018-18500: write-after-free vulnerability in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

Credit to Author: Eric Avena| Date: Mon, 25 Mar 2019 15:00:07 +0000

Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors. These sensors expose anomalous behavior and give SecOps personnel the intelligence and tools to investigate threats, as we did.

The post From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw appeared first on Microsoft Security.

Read more

What you need to know for Patch Tuesday, March 2019

Credit to Author: Andrew Brandt| Date: Thu, 14 Mar 2019 13:00:46 +0000

By SophosLabs Offensive Security Research Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/Vlj59LNV68Y” height=”1″ width=”1″ alt=””/>

Read more

Google Chrome zero-day: Now is the time to update and restart your browser

Credit to Author: Malwarebytes Labs| Date: Fri, 08 Mar 2019 19:13:15 +0000

A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.

Categories:

Tags:

(Read more…)

The post Google Chrome zero-day: Now is the time to update and restart your browser appeared first on Malwarebytes Labs.

Read more