blacklotus – Computer Security Articles

Microsoft Patch Tuesday, May 2023 Edition

May 11, 2023 admin adam barnett, blacklotus, cve-2023-24932, cve-2023-24941, cve-2023-28283, cve-2023-29325, cve-2023-29336, immersive labs, kevin breen, Rapid7, sans internet storm center, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 10 May 2023 01:19:58 +0000

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.

Security Sophos

May’s Patch Tuesday haul touches a six-pack of product families

May 11, 2023 admin av1, blacklotus, bootkit, cve-2023-24881, cve-2023-24932, cve-2023-24941, cve-2023-29325, cve-2023-29340, Microsoft Office, microsoft windows, Patch Tuesday, secure boot, Sharepoint, teams, threat research, uefi

Credit to Author: Angela Gunn| Date: Tue, 09 May 2023 19:27:52 +0000

A relatively light month by the numbers, but several patches require extra effort to deploy

Microsoft Security

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

April 11, 2023 admin blacklotus, bootkit, cve-2022-21894, cybersecurity, microsoft detection and response team (dart), uefi

Credit to Author: Microsoft Security Threat Intelligence – Editor| Date: Tue, 11 Apr 2023 17:00:00 +0000

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus.

The post Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign appeared first on Microsoft Security Blog.