Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies
An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.
Critical Unpatched VMware Flaw Affects Multiple Corporates Products
VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system.
Microsoft Releases Windows Security Updates For Critical Flaws
Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day.
Researcher Discloses Critical RCE Flaws In Cisco Security Manager
Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) a week after the networking equipment maker quietly released patches with version 4.22 of the platform.
Cisco warns of actively exploited IOS XR zero-days
Cisco warned on Saturday about two zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment.
New Chrome 0-day Under Active Attacks – Update Your Browser Now
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.
Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices
Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.
India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?
The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.
FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. "Recent FIN11 intrusions have most commonly led to data theft, extortion and the disruption of victim networks via the distribution of CLOP ransomware".
Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs
Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook.
Microsoft Issues March 2020 Updates to Patch 115 Security Flaws
Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history.
Of the 115 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, Exchange Server, Office, Azure, Windows Defender, and Visual Studio — that received new patches, 26 have been rated as critical, 88 received a severity of important, and one is moderate in severity.
However, unlike last month, none of the vulnerabilities the tech giant patched this month are listed as being publicly known or under active attack at the time of release.
It's worth highlighting that the patch addresses critical flaws that could be potentially exploited by bad actors to execute malicious code by specially crafted LNK files and word documents.
Titled "LNK Remote Code Execution Vulnerability" (CVE-2020-0684), the flaw allows an attacker to create malicious LNK shortcut files that can perform code execution.
"The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary," Microsoft detailed in its advisory. "When the user opens this drive(or remote share) in Windows Explorer or any other application that parses the .LNK file, the malicious binary will execute code of the attacker's choice on the target system."
The other bug, Microsoft Word Remote Code Execution Vulnerability (CVE-2020-0852), allows the malware to execute code on a system by merely viewing a specially crafted Word file in the Preview Pane with the same permissions as the currently logged-on user. Microsoft has warned that Microsoft Outlook Preview Pane is also an attack vector for this vulnerability.
Elsewhere, the Redmond-based company also issued fixes for remote code execution vulnerabilities tied to Internet Explorer (CVE-2020-0833, CVE-2020-0824), Chakra scripting engine (CVE-2020-0811), and Edge browser (CVE-2020-0816).
One other bug worthy of note is CVE-2020-0765 impacting Remote Desktop Connection Manager (RDCMan), for which there is no fix. "Microsoft is not planning on fixing this vulnerability in RDCMan and has deprecated the application. Microsoft recommends using supported Remote Desktop clients and exercising caution when opening RDCMan configuration files (.rdg)," the disclosure reads.
It's recommended that users and system administrators test and apply the latest security patches as soon as possible to prevent malware or miscreants from exploiting them to gain complete, remote control over vulnerable computers without any intervention.
For installing the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.