Top 8 Ways Attackers Can Own Active Directory

Active Directory (AD) is one of the most valuable targets for cyberattackers because it handles authentication and authorization across all enterprise resources and touches virtually everything on the network. AD is complicated to secure, and today, r…

PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery

As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users.

However, at that time, very few…

Windows 10 Update Bricks PCs, Microsoft Offers Workarounds

A glitch in Microsoft’s Windows 10 update is causing systems to freeze after users try to use the System Reboot function. Luckily, workarounds exist.

Researchers say this attack is a bad bug. Microsoft says it’s a feature.

Microsoft says the technique behind a wave of stealthy fileless attacks that leverage the company’s applications is a feature, not a vulnerability, and won’t be patched, despite the company knowing about the flaw since August. Microsoft “said they weren’t going to fix it” Sept. 29, Dominic White, CTO of pentesting outfit SensePost, told CyberScoop via email. SensePost had alerted the company a month before that the Dynamic Data Exchange, or DDE, protocol in Microsoft Word could be used by hackers to run commands and open executable programs. Microsoft told the pentesters that was a feature and there would be no patch, but it would be considered for a bug fix in a future version. This week SensePost published a proof-of-concept on their blog, noting that the technique was an excellent way to get around security measures that cyber-aware enterprises might have in place. The following day, researchers found the technique being used in the wild […]

The post Researchers say this attack is a bad bug. Microsoft says it’s a feature. appeared first on Cyberscoop.


Microsoft patches domain-controller vulnerability impacting all Windows versions

Microsoft issued a patch Tuesday for a serious privilege escalation vulnerability affecting all versions of Windows for enterprises released since 2007. By exploiting it, an attacker who has compromised a single machine on a network can create a new administrator account for themselves and get control of the entire domain. The vulnerability, assigned the serial number CVE-2017-8563, scores 7.5 on the Common Vulnerability Scoring System, meaning it is rated as “high” severity, the second-highest rating after “critical.” “The vulnerability is in the domain controller,” said Roman Blachman, CTO and co-founder of Preempt Security, whose researchers found the flaw in April and reported it to Microsoft. In a video, Preempt researchers show how they can leverage it to exploit known weaknesses in some of the communications protocols included in Windows NT LAN Manager, or NTLM, and launch an attack technique known as credential relay. The vulnerability, Preempt CEO Ajit Sancheti added, “can be exploited if the attacker has compromised […]

The post Microsoft patches domain-controller vulnerability impacting all Windows versions appeared first on Cyberscoop.


U.S. universities race to contain WannaCry ransomware, officials say

At least five U.S. colleges have been affected by the global ransomware virus known as “WannaCry,” CyberScoop has learned. The Massachusetts Institute of Technology, Trinity College, the University of Washington, North Dakota State University and the University of Maine confirmed Tuesday that computers connected to their networks were infected by the virus. “We had a handful of computers that were compromised but it didn’t spread,” University of Washington News Office Director Victor Balta told CyberScoop. “Normal operations were not affected in any way, but obviously we’re paying attention to this.” The five schools are among the first known cases of U.S.-based educational institutions becoming victims of the WannaCry ransomware campaign. CyberScoop obtained a list of IP addresses with WannaCry infections that included more than a dozen machines at U.S. higher education institutions. Not all of the schools responded to requests for comment. MIT reported that approximately 100 computers were affected by the attack […]

The post U.S. universities race to contain WannaCry ransomware, officials say appeared first on Cyberscoop.


Unpatchable ‘DoubleAgent’ Attack Can Hijack All Windows Versions — Even Your Antivirus!

A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer.

Dubbed DoubleAgent, the new code injection technique works on…
