Exploit | SC Media

Exploit

‘Old Phantom Crypter’ supplants older Microsoft Office exploit builder tools

By

Out with the old, in with the… Old Phantom Crypter, which despite its name is actually a new Microsoft Office exploit builder that’s been surpassing its predecessors in popularity among the cybercriminal community. Gabor Szappanos, principal malware researcher at SophosLabs, described the ascendance of Old Phantom yesterday in a company blog post, which links to…

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

By

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple patches two flaws reportedly exploited in zero-day attacks; also nixes FaceTime eavesdropping bug

By

Apple yesterday released security updates for iOS and macOS Mojave, repairing four vulnerabilities, including two that a Google researcher says were exploited in the wild as zero days. The two exploited flaws consisted of memory corruption issues caused by insufficient input validation. The first, CVE-2019-7286, is a privilege escalation vulnerability in the Foundation framework that…

Remote Desktop Protocol flaws could be exploited to attack RDP clients

By

A research firm has disclosed multiple vulnerabilities in the Remote Desktop Protocol that, if left unpatched, could allow compromised or infected machines to attack the RDP clients that remotely connect to them. In a blog post today, Check Point Software Technologies researcher Eyal Itkin refers to this scenario as a reverse RDP attack because the…

Attackers scanning unpatched Cisco small business routers after exploit code published

By

Cisco Systems last week issued security advisories for two dozen vulnerabilities, including two high-severity flaws in its Small Business RV320 and RV325 dual gigabit WAN VPN routers, which attackers are reportedly already trying to exploit with published proof-of-concept code. Device owners are advised to immediately download Cisco’s patches for the two exploited flaws, both of…

Researchers develop proof-of-concept malware for attacking Building Automation Systems

By

Researchers have developed proof-of-concept malware capable of compromising Building Automation Systems after discovering two critical bugs in a BAS programmable logic controller (PLC). Created by experts at ForeScout, the malware exploits both vulnerabilities in combination with several older flaws that were previously known to the public, according to a ForeScout white paper released today in…

Researchers discover hardware-agnostic side-channel attack that exploits OS page cache

By

Researchers from a combination of academic and corporate backgrounds have disclosed a newly discovered side-channel attack technique that targets the operating system page cache and affects devices regardless of hardware architecture or OS. “The page cache is a pure software cache that contains all disk-backed pages, including program binaries, shared libraries,and other files, and our attacks…

IE, Firefox, Chrome and Safari's protection against phishing was tested.

Microsoft issues out-of-band patch for exploited memory corruption bug in Internet Explorer

By

Microsoft Corporation yesterday released an emergency patch for a remote code execution vulnerability in Internet Explorer that attackers have been actively exploiting in the wild. Designated CVE-2018-8653, the zero-day memory corruption bug results from the mishandling of objects in memory by the JScript component of Internet Explorer’s scripting engine, according to an official advisory from Microsoft, as…

Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit

By

Adobe Systems today issued an emergency security update for Flash Player following the discovery of a critical vulnerability that attackers were actively exploiting in a Nov. 29 phishing operation targeting a Russian state health care institution. The zero-day arbitrary code execution exploit was specifically employed against Moscow-based “Polyclinic No. 2” of the Administrative Directorate of…

Next post in Security News