Incidents – Page 2 – WindowsTechs.com

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

Posted on June 6, 2022 by AMR

At the end of May, researchers reported a new zero-day vulnerability in MSDT that can be exploited using Microsoft Office documents. The vulnerability, which dubbed Follina, later received the identifier CVE-2022-30190. Continue reading CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction→

Spring4Shell (CVE-2022-22965): details and mitigations

Posted on April 4, 2022 by AMR

Technical details and mitigations for CVE-2022-22965 vulnerability (Spring4Shell) that can help an attacker to execute arbitrary code on a remote web server. Continue reading Spring4Shell (CVE-2022-22965): details and mitigations→

Elections GoRansom – a smoke screen for the HermeticWiper attack

Posted on March 1, 2022 by GReAT

We present our analysis of HermeticRansom (aka Elections GoRansom) ransomware that was likely used as a smokescreen for the HermeticWiper attack. Continue reading Elections GoRansom – a smoke screen for the HermeticWiper attack→

CVE-2021-44228 vulnerability in Apache Log4j library

Posted on December 13, 2021 by AMR

The summary of the critical vulnerability CVE-2021-44228 in the Apache Log4j library, technical details and mitigations. Continue reading CVE-2021-44228 vulnerability in Apache Log4j library→

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Posted on September 16, 2021 by AMR

Last week, Microsoft reported the RCE vulnerability CVE-2021-40444 in the MSHTML browser engine. Kaspersky is aware of targeted attacks using this vulnerability, and our products protect against attacks leveraging it. Continue reading Exploitation of the CVE-2021-40444 vulnerability in MSHTML→

Triada Trojan in WhatsApp MOD

Posted on August 24, 2021 by Igor Golovin

We discovered that the Trojan Triada snook into one of modified versions of the WhatsApp messenger called FMWhatsapp 16.80.0 together with the advertising software development kit (SDK). Continue reading Triada Trojan in WhatsApp MOD→

Arrests of members of Tetrade seed groups Grandoreiro and Melcoz

Posted on July 14, 2021 by GReAT

Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe. Continue reading Arrests of members of Tetrade seed groups Grandoreiro and Melcoz→

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)

Posted on July 8, 2021 by Kaspersky

Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities. Continue reading Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)→

REvil ransomware attack against MSPs and its clients around the world

Posted on July 5, 2021 by Kaspersky

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers. Continue reading REvil ransomware attack against MSPs and its clients around the world→

Malicious code in APKPure app

Posted on April 9, 2021 by Igor Golovin, Anton Kivva

Malicious code was detected in version 3.17.18 of the APKPure alternative app store for Android. We recommend deleting the infected version and installing APKPure 3.17.19 asap. Continue reading Malicious code in APKPure app→