16 vulnerabilità critiche, alcune delle quali sfruttate, sono state risolte negli aggiornamenti Windows di luglio 2019

Credit to Author: Sophos Italia| Date: Mon, 22 Jul 2019 16:01:52 +0000

Alcuni hacker russi avrebbero sfruttato due vulnerabilità durante i loro attacchi<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/5fzmmHOt0_g” height=”1″ width=”1″ alt=””/>

Read more

Ransomware As A Tool – LockerGoga

Credit to Author: Ghanshyam More| Date: Wed, 03 Jul 2019 07:18:00 +0000

Ransomware authors keep experimenting with the development of payload in various dimensions. In the timeline of ransomware implementations, we have seen its evolution from a simple screen locker to multi-component model for file encryption, from novice approach to a sophisticated one. The Ransomware as a Tool has evolved in wild…

Read more

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Credit to Author: BrianKrebs| Date: Tue, 04 Jun 2019 00:16:11 +0000

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

Read more

Quick Heal supports the Windows 10 May 2019 Update

Credit to Author: Sushmita Kalashikar| Date: Wed, 22 May 2019 06:45:53 +0000

As part of the Windows 10 Updates, Microsoft has now come up with a new update for Windows 10 PCs. It’s called Windows 10 19H1 (Windows 10 May 2019 Update). This post lists down some of the highlights of this particular update and Quick Heal’s compatibility with the OS. Highlights…

Read more

Windows IoT Core explotable vía Ethernet

Credit to Author: Naked Security| Date: Wed, 06 Mar 2019 15:56:07 +0000

La versión de Windows para Internet de las Cosas (IoT) es vulnerable a un exploit que podría permitir que un atacante tomara el control completo del sistema, según una presentación dada por una empresa de seguridad este fin de semana. En el WOPR Summit en New Jersey, Dor Azouri, un experto en seguridad de SafeBreach, [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/iGtiCM6qcE0″ height=”1″ width=”1″ alt=””/>

Read more

CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild

Credit to Author: Sameer Patil| Date: Wed, 12 Sep 2018 13:30:14 +0000

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context…

Read more

Patch Tuesday, August 2018 Edition

Credit to Author: BrianKrebs| Date: Wed, 15 Aug 2018 14:52:21 +0000

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two “zero-day” flaws that attackers were already exploiting before Microsoft issued patches to fix them.

Read more

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

Credit to Author: Prashant Kadam| Date: Wed, 16 May 2018 13:10:48 +0000

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions…

Read more

CVE-2018-8174: Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

CVE-2018-8174 : Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

The A-Z dictionary of cybersecurity terms

Credit to Author: Rajib Singha| Date: Thu, 15 Mar 2018 11:30:50 +0000

Whether you are a normal user or a tech-guru, being aware of the computer security threats will help fortify your defense against them. So, here’s a handy A-Z dictionary of cybersecurity terms. Index A | B | C | D | E | F | I | K | L…

Read more