Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics
Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because it's not just Tenable, Qualys, Rapid7 and ZDI that make Microsoft Patch Tuesday reviews, but also other security companies and...
Cyberattackers Put the Pedal to the Medal: Podcast
Cyber-defenders have a lot on their plates: Rapid vulnerability exploitation. Ransomware-apalooza. Botnet infestations on the order never seen in the past. How can IT security teams effectively deal with the escalating volume of threats, especially as those threats become more sophisticated and...
High-Severity RCE Bug Found in Popular Apache Cassandra Database
Researchers have shared details about a now-patched, high-severity security bug in the Apache Cassandra open-source NoSQL distributed database that’s easy to exploit and, if left unpatched, could enable attackers to gain remote code execution (RCE). The bug, which involves how Cassandra creates...
Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Vulnerability
Exploit Title: Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSREGFILEDIALOGSPOOFMITIGATIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSe...
Microsoft Windows .Reg File Dialog Spoofing / Mitigation Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSREGFILEDIALOGSPOOFMITIGATIONBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com A file with the .reg file extension is a...
Massive Zero-Day Hole Found in Palo Alto Security Appliances
Researchers have developed a working exploit to gain remote code execution (RCE) via a massive vulnerability in a security appliance from Palo Alto Networks (PAN), potentially leaving 10,000 vulnerable firewalls with their goods exposed to the internet. The critical zero day, tracked as CVE-2021-3064...
Gigabyte Allegedly Hit by AvosLocker Ransomware
The AvosLocker ransomware gang is claiming that it breached tech giant Gigabyte and has leaked a sample of what it claims are files stolen from the Taiwanese company’s network. It’s offering to sell the rest. On Wednesday, the gang posted a “press release” announcing that it had purportedly gutte...
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports
Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate that would allow an attacker to falsify someone’s vaccine status, it still hasn’t been fixed. Researcher Richard Nelson looked into the security behind a new digital...
Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits
Researchers have discovered a Nigerian threat actor trying to turn an organization’s employees into insider threats by soliciting them to deploy ransomware for a cut of the ransom profits. Researchers at Abnormal Security identified and blocked a number of emails sent earlier this month to some i...
Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets
A security researcher helped Valve, the makers of the gaming platform Steam, plug an easy-to-exploit hole that allowed users to add unlimited funds to their digital wallet. Simply by changing the account’s email address, the exploit allowed anyone to artificially boost their digital billfold to...
SonicWall ‘Botches’ October Patch for VPN Bug
UPDATE: An October patch for a critical remote code execution (RCE) bug in a SonicWall VPN appliance turned out to be insufficient. While the patch closed the RCE attack vector, more than 800,000 devices were still vulnerable to an additional memory-leak flaw for months, according to researchers...
CVE-2021-26419
Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...
Spotlight on Cybercriminal Supply Chains
An examination of cybercrime ecosystems reveals it mirrors legitimate financial organization and market systems. “Cybercriminals need to move money and pay employees in their organization just like any other company,” said Derek Manky, Chief Security Insights & Global Threat Alliances at Fortinet’...
Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks
Ransomware has been a growing scourge for years, but recent attacks illustrate a growing sophistication by attackers within this slice of the cybercrime underbelly. Snowballing assaults against the business sector, schools and government organizations are now a primary cybersecurity concern. Maki...
iOS Kids Game Morphs into Underground Crypto Casino
A kids’ game called “Jungle Run” that, until recently, was available in the Apple App store, was secretly a cryptocurrency-funded casino set up to scam people out of money. Join experts from Digital Shadows (Austin Merritt), Malwarebytes (Adam Kujawa) and Sift (Kevin Lee) to find out how cybercrime...
Ragnarok Ransomware Hits Boggi Milano Menswear
Luxury Italian men’s clothing line Boggi Milano has confirmed what Ragnarok was already bragging about on the Dark Web: The brand was hit with a ransomware attack, according to multiple sources. Ragnarok and Boggi Milano representatives who spoke to Bloomberg agree on the facts; the ransomware...
Podcast: Ransomware Attacks Exploded in Q4 2020
Ransomware attacks continue to plague companies, with researchers from Fortinet’s Fortiguard Labs saying they saw an explosion in ransomware activity towards the end of the fourth quarter of 2020. According to Fortinet’s new “FortiGuard Labs Threat Report: Disruption Key Threat Trend ...
Ninja Forms WordPress Plugin Opens Websites to Hacks
Ninja Forms, a WordPress plugin used by more than 1 million sites, contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems. Ninja Forms offers WordPress site designers...
Google Play Boots Barcode Scanner App After Ad Explosion
A barcode scanner app, with over 10 million downloads, was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update turning it from a benign app to adware,...
Adrozek Malware Delivers Fake Ads to 30K Devices a Day
A persistent malware campaign called Adrozek has been using an evolved browser modifier to deliver fraudulent ads to search-engine pages, according to Microsoft. At its peak in August, Adrozek was observed on more than 30,000 devices each day, researchers found, affecting multiple browsers. The...