An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in … [Read more...] about Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials
windows
New Malware Targets Windows Subsystem for Linux to Evade Detection
A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft" marks the first instance where a threat actor has been found abusing WSL to install … [Read more...] about New Malware Targets Windows Subsystem for Linux to Evade Detection
WildPressure APT Emerges With New Malware Targeting Windows and macOS
A malicious campaign that has set its sights on industrial-related entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to strike both Windows and macOS operating systems, symbolizing an expansion in both its targets and its strategy around distributing threats. Russian cybersecurity firm attributed the attacks to an advanced persistent threat … [Read more...] about WildPressure APT Emerges With New Malware Targeting Windows and macOS
Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal
Cybercriminals with suspected ties to Pakistan continue to rely on social engineering as a crucial component of its operations as part of an evolving espionage campaign against Indian targets, according to new research. The attacks have been linked to a group called Transparent Tribe, also known as Operation C-Major, APT36, and Mythic Leopard, which has created fraudulent … [Read more...] about Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal
Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers
Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," … [Read more...] about Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers
Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs
Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for … [Read more...] about Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
Google's Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code. Details of the unpatched flaw were revealed publicly after Microsoft failed to patch it within 90 days of responsible disclosure on September 24. Originally tracked as … [Read more...] about Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said. "11 out of 16 targets … [Read more...] about Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
Google Discloses Windows Zero-Day Bug Exploited in the Wild
Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver ("cng.sys") that can be exploited for a sandbox … [Read more...] about Google Discloses Windows Zero-Day Bug Exploited in the Wild
Windows GravityRAT Malware Now Also Targets macOS and Android Devices
A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbed "GravityRAT" — now masquerades as legitimate Android and macOS apps to capture … [Read more...] about Windows GravityRAT Malware Now Also Targets macOS and Android Devices