From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

Credit to Author: Eric Avena| Date: Mon, 25 Mar 2019 15:00:07 +0000

Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors. These sensors expose anomalous behavior and give SecOps personnel the intelligence and tools to investigate threats, as we did.

The post From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw appeared first on Microsoft Security.

What you need to know for Patch Tuesday, March 2019

Credit to Author: Andrew Brandt| Date: Thu, 14 Mar 2019 13:00:46 +0000

By SophosLabs Offensive Security Research. Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. […]

Google Chrome zero-day: Now is the time to update and restart your browser

Credit to Author: Malwarebytes Labs| Date: Fri, 08 Mar 2019 19:13:15 +0000

A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.

The post Google Chrome zero-day: Now is the time to update and restart your browser appeared first on Malwarebytes Labs.

Spectre, Google, and the Universal Read Gadget

Credit to Author: Christopher Boyd| Date: Fri, 01 Mar 2019 16:43:37 +0000

A recently released paper by Google has resurrected the spirit of Spectre, a seemingly never-ending threat to most makes of processor. We take a look at what this means, and what the Universal Read Gadget means for most technology users.

The post Spectre, Google, and the Universal Read Gadget appeared first on Malwarebytes Labs.

A week in security (February 18 – 24)

Credit to Author: Malwarebytes Labs| Date: Mon, 25 Feb 2019 16:52:20 +0000

A roundup of security news from February 18–24 covering our most recent blogs and happenings in the world of infosec, including ATM hacking, Facebook location settings, spear phishing, and more.

The post A week in security (February 18 – 24) appeared first on Malwarebytes Labs.

New critical vulnerability discovered in open-source office suites

Credit to Author: Jérôme Segura| Date: Wed, 06 Feb 2019 17:16:50 +0000

A security researcher recently published a proof of concept exploit for open-source office software LibreOffice and OpenOffice. Will this new vulnerability be used in the wild?

The post New critical vulnerability discovered in open-source office suites appeared first on Malwarebytes Labs.

New critical vulnerability in open-source office suites

Credit to Author: Jérôme Segura| Date: Wed, 06 Feb 2019 17:16:50 +0000

A security researcher recently published a proof of concept exploit for open-source office software LibreOffice and OpenOffice. Will this new vulnerability be used in the wild?

The post New critical vulnerability in open-source office suites appeared first on Malwarebytes Labs.

Improved Fallout EK comes back after short hiatus

Credit to Author: Jérôme Segura| Date: Thu, 17 Jan 2019 19:51:27 +0000

The Fallout exploit kit is back with some noteworthy improvements.

The post Improved Fallout EK comes back after short hiatus appeared first on Malwarebytes Labs.

Ryuk ransomware attacks businesses over the holidays

Credit to Author: Adam Kujawa| Date: Tue, 08 Jan 2019 19:49:45 +0000

Over the holiday, a little-known ransomware family called Ryuk caused serious damage to numerous organizations. The attacks leave a lot of questions unanswered. What do we know so far?

The post Ryuk ransomware attacks businesses over the holidays appeared first on Malwarebytes Labs.

Vidar and GandCrab: stealer and ransomware combo observed in the wild

Credit to Author: Jérôme Segura| Date: Fri, 04 Jan 2019 18:15:25 +0000

Threat actors combine new stealer Vidar and GandCrab ransomware in one-two punch.

The post Vidar and GandCrab: stealer and ransomware combo observed in the wild appeared first on Malwarebytes Labs.
