Security
Headlines
HeadlinesLatestCVEs

Headline

UpdateAgent malware variant impersonates legitimate macOS software

By Waqas

According to Microsoft Security Intelligence, the new variant of UpdateAgent malware is also capable of dropping adware against macOS.

This is a post from HackRead.com Read the original post: UpdateAgent malware variant impersonates legitimate macOS software

HackRead
#Apple News#Malware#Security#Adware#Apple#Macbook#macOS#security#mac#microsoft#git

Related news

macOS flaw allowed attackers to install persistent, undetectable malware

By Deeba Ahmed The vulnerability was identified in System Integrity Protection (SIP) within the macOS ecosystem. This is a post from HackRead.com Read the original post: macOS flaw allowed attackers to install persistent, undetectable malware

CVE-2021-3579: Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe (VA-9848) - Bitdefender

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.

CVE-2021-3576: Privilege escalation via SeImpersonatePrivilege in Bitdefender Endpoint Security Tools (VA-9848) - Bitdefender

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.

CVE-2021-34814: Security Advisories | Proofpoint US

Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass.

CVE-2021-39304: Security Advisories | Proofpoint US

Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.

CVE-2021-25476: Samsung Mobile Security

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks

A new alert provides the technical details of ongoing attacks and guidance for organizations to secure systems against Conti.

VMware security warning: Multiple vulnerabilities in vCenter Server could allow remote network access

Several issues including one critical bug have been remedied in latest patch cycle

FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539

The critical authentication bypass vulnerability exists in Zoho ManageEngine ADSelfService Plus, officials report.

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.