Privilege Elevation – WindowsTechs.com

Zerologon Attacks Against Microsoft DCs Snowball in a Week

Posted on September 29, 2020 by Tara Seals

The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged. Continue reading Zerologon Attacks Against Microsoft DCs Snowball in a Week→

WhatsApp Spyware Attack: Uncovering NSO Group Activity

Posted on October 30, 2019 by Lindsey O'Donnell

John Scott-Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a “certified big deal.” Continue reading WhatsApp Spyware Attack: Uncovering NSO Group Activity→

Facebook Sues NSO Group Over Alleged WhatsApp Hack

Posted on October 29, 2019 by Lindsey O'Donnell

In a new lawsuit, WhatsApp owner Facebook says that NSO Group was behind the WhatsApp zero-day exploits earlier in 2019. Continue reading Facebook Sues NSO Group Over Alleged WhatsApp Hack→

WhatsApp Flaw Opens Android Devices to Remote Code Execution

Posted on October 3, 2019 by Elizabeth Montalbano

A double-free bug could allow an attacker to achieve remote code execution; users are encouraged to update to a patched version of the messaging app. Continue reading WhatsApp Flaw Opens Android Devices to Remote Code Execution→

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

Posted on February 12, 2019 by Tony Redmond

Exchange hack problem

The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!

The post Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches appeared first on Petri.

Continue reading Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches→

Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

Posted on October 25, 2016 by Mohit Kumar

Joomla – the world’s second popular open source Content Management System (CMS) software packages, has just released the latest version of its CMS, which includes patches for two critical security vulnerabilities and a bug fix.
<!– adsense –>
The two critical flaws, both exist in the Joomla Core functionalities, include Account Creation Vulnerability (CVE-2016-8870) and Elevated Privileges

Continue reading Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site→