A week in security (May 13 – 19)

Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a "WannaCry level" attack. We also profiled the...

Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 74 vulnerabilities, 16 of which are rated “critical” and 58 that are considered “important.” This release also includes a critical advisory...

DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack

LAS VEGAS – Tens of millions of fax-ready HP OfficeJet inkjet printers are vulnerable to a simple hack that gives an attacker full control over a targeted printer. Once compromised, the all-in-one OfficeJet could act as a springboard for deeper network penetration by an attacker. Here at DEF CON,...

A week in security (June 11 – June 17)

Last week on Malwarebytes Labs, we discussed how to protect the online privacy of children, we gave you a spring 2018 overview of exploit kits, rounded up the ongoing discussions about the VPNFilter malware, and discussed the struggles of UK law enforcement with modern-day cybercrime. Other news...

Microsoft Issues Emergency Patch For Critical Flaw In Windows Containers

Just a few days prior to its monthly patch release, Microsoft released an emergency patch for a critical vulnerability in the Windows Host Compute Service Shim hcsshim library that could allow remote attackers to run malicious code on Windows computers. Windows Host Compute Service Shim hcsshim i...

Microsoft's Meltdown Patch Made Windows 7 PCs More Insecure

Meltdown CPU vulnerability was bad, and Microsoft somehow made the flaw even worse on its Windows 7, allowing any unprivileged, user-level application to read content from and even write data to the operating system's kernel memory. For those unaware, Spectre and Meltdown were security flaws...

Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

Google’s Project Zero released details of a local proof-of-concept attack against a fully patched Windows 10 PC that allows an adversary to execute untrusted JavaScript outside a sandboxed environment on targeted systems. The attack is a variation of a WPAD/PAC attack. In Project Zero’s case, the...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

【Major vulnerability warning】Windows two critical remote code execution vulnerability-vulnerability warning-the black bar safety net

Microsoft 6, on patch day the disclosure of the two being the use of a remote code execution vulnerabilityCVE-2017-8543Windows Search remote code execution vulnerabilityCVE-2017-8464LNK file shortcut remote code execution vulnerability. Vulnerability name: Windows Search remote code execution...

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch related vulnerabilities. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects...

WannaCry Highlights Major Security Shortcomings Ahead of GDPR D-Day

For all the panic it caused, WannaCry looks finally to have been contained by organisations round the globe. But this isn’t the time to forget about it and move on. There are valuable lessons to be learned about this attack, why it was so successful and what can be done to prevent it happening...

PATCH Act Calls for VEP Review Board

The U.S. government took the first steps toward codifying the Vulnerabilities Equities Process into law yesterday through the introduction of the Protecting Our Ability to Counter Hacking PATCH Act of 2017. The VEP is the internal process by which the government decides which software...

Leaked NSA Exploit Spreading Ransomware Worldwide

A ransomware attack running rampant through Europe today is spreading via an exploit leaked in the most recent ShadowBrokers dump. Researchers at Kaspersky Lab said the attackers behind today’s outbreak of WannaCry ransomware are using EternalBlue, the codename for an exploit made public by the...

CVE-2017-0199 OFFICE OLE2LINK the exploitability of the vulnerability details-vulnerability warning-the black bar safety net

Author: 天择实验室[email protected] Reprint please indicate the source: http://blog.jowto.com Vulnerability overview fireeye recently published a OFFICE 0day, without the need for user interaction in the case, open a word document you can by hta script to execute arbitrary code. After the study found tha...

The Word Vulnerability, CVE-2017-0199 dissect that Microsoft patch that you installed? - Vulnerability warning-the black bar safety net

! Foreword Recently, FireEye detects a use of the vulnerability, CVE-2017-0199 malicious OfficeRTF document--earlier this week FreeBuf also reported the vulnerability, without the need to enable Word macros, open a malicious RFT document can be infected with a malicious program. When the user ope...

5-year-old Skype Backdoor Discovered — Mac OS X Users Urged to Update

Those innocent-looking apps in your smartphone can secretly spy on your communications or could allow hackers to do so. Hard to believe, but it's true. Recently, Trustwave's SpiderLabs analysts discovered a hidden backdoor in Skype for Apple's macOS and Mac OS X operating systems that could be us...

Exploit Kits Quickly Adopt Exploit Thanks to Open Source Release

A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit EK quickly adopted it. CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in...

Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks

In March 2016, a financially motivated threat actor launched several tailored spear phishing campaigns primarily targeting the retail, restaurant, and hospitality industries. The emails contained variations of Microsoft Word documents with embedded macros that, when enabled, downloaded and execut...

MS16-056: Security Update for Windows Journal (3156761)

The remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in Windows Journal due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this vulnerability by convincing a user to open a special...

Windows kernel Vulnerability CVE-2 0 1 6-0 1 4 3 analysis-vulnerability warning-the black bar safety net

4 on 2 0 March, Nils Sommer in the exploitdb on broke a new Windows kernel vulnerability PoC. The vulnerability affects all versions of Windows operating system, the attacker after the success of available privilege escalation, Microsoft in 4, on patch day fixes the vulnerability. 0×0 1...