Realtek-based routers, smart devices are being gobbled up by a voracious botnet

Credit to Author: Pieter Arntz| Date: Tue, 24 Aug 2021 13:36:52 +0000

Yet again, recently disclosed vulnerabilities in smart devices are being exploited quickly to expand the Mirai botnet.

Categories: Exploits and vulnerabilities

The post Realtek-based routers, smart devices are being gobbled up by a voracious botnet appeared first on Malwarebytes Labs.

ProxyShell vulnerabilities in Microsoft Exchange: What to do

Credit to Author: Greg Iddon| Date: Mon, 23 Aug 2021 18:00:22 +0000

Last updated 2021-08-23 UTC 18:10. Overview: Threat actors are actively scanning and exploiting vulnerable Microsoft Exchange servers that have not applied security patches released earlier this year. ProxyShell, the name given to a collection of vulnerabilities for Microsoft Exchange servers, enables an actor to bypass authentication and execute code as a privileged user. ProxyShell comprises […]

Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15

Credit to Author: Malwarebytes Labs| Date: Mon, 16 Aug 2021 15:07:58 +0000

On Lock and Code this week, we speak with Luta Security CEO and founder Katie Moussouris about how she hacked Clubhouse.

Categories: Podcast

The post Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15 appeared first on Malwarebytes Labs.

HiveNightmare aka SeriousSAM vulnerability: what to do

Credit to Author: Greg Iddon| Date: Thu, 22 Jul 2021 12:05:12 +0000

Last updated 2021-07-22. HiveNightmare (CVE-2021-36934), also known as SeriousSAM, is a high severity zero-day elevation of privilege vulnerability in Windows currently under investigation by Microsoft. Since Windows 10 build 1809, the Access Control Lists (ACLs) for %windir%\System32\config have been granting read access to non-admin users. This is the primary directory that contains the files for […]

PrintNightmare vulnerability: what to do

Credit to Author: Anthony Merry| Date: Thu, 01 Jul 2021 11:22:21 +0000

PrintNightmare is a zero-day critical Windows bug that allows Remote Code Execution. It affects all supported Windows machines, including both endpoints and servers. For more information on the bug, please read the article on Naked Security. As of 1 July 2021, there is no official patch yet to address this bug. Given the severity, we […]

Using Sophos EDR to identify endpoints impacted by Dell kernel driver vulnerability CVE-2021-21551

Credit to Author: Anthony Merry| Date: Thu, 06 May 2021 09:09:24 +0000

Use this query to identify which endpoints are impacted by the Dell kernel driver vulnerability CVE-2021-21551, and which are not.
