WMF Exploit Fun & Happy 2006

Paul AsadoorianJanuary 4, 2006

Well, we are certainly starting off the new year in an exciting and scary way. In case you haven’t come out from under your rock, there is a new zero day exploit in the wild that affects all versions of windows. Frsirt is lists two different exploits on their site. You can find them here and here.
All windows users should run the fix from Ilfak Guilfanov, located here. This version has been tested by the fine incident handlers from the SANS ISC.
More details to follow….
.com

Paul Asadoorian

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

AI benefits/risks

Attackers leverage fraudulent Bing Chat ads to load malware payloads

Steve ZurierSeptember 29, 2023

Malwarebytes Labs researchers say users get tricked into loading malware because the fraudulent ads tend to get better placement than the legitimate search.

Malware

US banks, crypto wallets subjected to expanded Xenomorph Android trojan attacks

SC StaffSeptember 27, 2023

BleepingComputer reports that several U.S. financial institutions and numerous cryptocurrency apps are having their users mostly targeted by an expanded Xenomorph malware campaign leveraging an updated version of the Android banking trojan that also set sights on users in Canada, Italy, Spain, Belgium, and Portugal.