RSS Reader for Computer Security Articles
Credit to Author: Andrew Brandt| Date: Wed, 19 Sep 2018 18:00:07 +0000
Updates for Windows and Mac users resolve more than five dozen software vulnerabilities<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/HBOC9eD3Jfo” height=”1″ width=”1″ alt=””/>
Read More
Credit to Author: Fahmida Y. Rashid| Date: Tue, 18 Sep 2018 14:40:00 -0700
Three years after its debut, Windows 10 is poised to overtake Windows 7 as the most popular version of the Windows operating system. Microsoft introduced virtualization-based security features – namely Device Guard and Credential Guard – in Windows 10, and in subsequent updates, has added other virtualization-based protections to the operating system.
Microsoft tackled the two biggest challenge for enterprises with Windows 10, password management and protecting the operating system from attackers. Windows Defender was renamed Windows Security in 2017 and now includes anti-malware and threat detection, firewall and network security, application and browser controls, device and account security, and device health. Windows Security shares status information between Microsoft 365 services and interoperates with Windows Defender Advanced Threat Protection, Microsoft’s cloud-based forensic analysis tool.
Credit to Author: Woody Leonhard| Date: Mon, 17 Sep 2018 08:29:00 -0700
‘Softie Rodney Viana has posted details and a workaround for the “System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized” bug.
Apparently, installing last Tuesday’s KB 4457916 Security Only updates for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 causes a hard stop with any SharePoint Workflows. (Workflows are set up by an admin to handle the flow of documents through a series of steps.)
Credit to Author: Sameer Patil| Date: Wed, 12 Sep 2018 13:30:14 +0000
The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context…
Read More
Credit to Author: Woody Leonhard| Date: Mon, 10 Sep 2018 06:19:00 -0700
August 2018 was a relatively innocuous patching month, although the final resolution to the August problems didn’t appear until late Friday night just as the month was coming to a close — on a three-day weekend in the US.
We’ve seen the same pattern repeat itself almost every month since the beginning of the year: The first round of Microsoft security patches (notably including Win10 patches) introduce bugs, while subsequent rounds of patches each month squash most of them. If we’re lucky.
Credit to Author: Woody Leonhard| Date: Wed, 05 Sep 2018 12:29:00 -0700
With the arrival of “Fourth Week” patches on the last working day of August, and having had a few days to vet them, it looks as if we’re ready to release the cracklin’ Kraken.
Microsoft continues to unleash microcode patches for Meltdown and Spectre (versions 1, 2, 3, 3a, 4, n for n >=4). You won’t get stung by any of them, unless you specifically go looking for trouble.
Credit to Author: Woody Leonhard| Date: Fri, 31 Aug 2018 05:02:00 -0700
Time for the final August patching shoe to drop.
Late last night Microsoft released a flurry of patches, posting them on the Microsoft Update Catalog. Some are available through Windows Update, some aren’t.
As of early Friday morning, the Win10 patches are not available through WSUS, the update server service. It’s not clear if that’s a mistake, a hesitation — or if somebody just went home last night and forgot.
Let’s hear it for patching predictability. And transparency.
Credit to Author: Vasilios Hioureas| Date: Wed, 29 Aug 2018 16:48:35 +0000
 | |
| In this series of articles, we provide an in-depth discussion of fileless malware and their related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods. Categories: Tags: file historyfileless infectionsfileless malwarefileless malware attackskovtermagnitude EKpowelikspowershellRAMsamsamsamsam ransomwaresemi-filelessSOC teamwindows |
The post Fileless malware: getting the lowdown on this insidious threat appeared first on Malwarebytes Labs.
Read More