Using Sophos EDR to identify endpoints impacted by Dell kernel driver vulnerability CVE-2021-21551

Credit to Author: Anthony Merry| Date: Thu, 06 May 2021 09:09:24 +0000

Use this query to identify which endpoints are impacted by the Dell kernel driver vulnerability CVE-2021-21551, and which are not.

Netwalker ransomware tools give insight into threat actor

Credit to Author: Gabor Szappanos| Date: Wed, 27 May 2020 15:02:36 +0000

A survey of attacker files reveals orchestration techniques & preferred exploits

Keep Zoombombing cybercriminals from dropping a load on your meetings

Credit to Author: Philip Christian| Date: Tue, 14 Apr 2020 15:00:00 +0000

In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombombing the public. We show readers how to protect against this intrusion of privacy.

The post Keep Zoombombing cybercriminals from dropping a load on your meetings appeared first on Malwarebytes Labs.

Patch now! Microsoft releases fixes for the serious SMB bug CVE-2020-0796

Credit to Author: alexandrebecholey| Date: Thu, 12 Mar 2020 15:34:59 +0000

Microsoft issues its latest set of cumulative updates for Windows and other Microsoft products this week, but the March, 2020 Patch Tuesday is notable not only because of the sheer volume of fixes, but because it will prevent one very serious bug in its Server Message Block (SMB) technology (download the patch right now) that […]

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

Credit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

The post APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT appeared first on Malwarebytes Labs.

A week in security (March 2 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 09 Mar 2020 20:07:46 +0000

A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.

The post A week in security (March 2 – 8) appeared first on Malwarebytes Labs.

BlueKeep Attacks seen in the wild!

Credit to Author: Sameer Patil| Date: Fri, 08 Nov 2019 09:54:04 +0000

CVE-2019-0708, popularly known as BlueKeep, is an RDP pre-authentication vulnerability that allows an attacker to compromise a vulnerable system without user interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…
