Tag
#microsoft
A decade and a half after Gh0st RAT first appeared, the "SugarGh0st RAT" variant aims to make life sweeter for cybercriminals.
Fake Facebook ads seem to be the flavor of the month for scammers.
Security updates are tedious and difficult, so users continue to use a weak version of a core protocol and remain exposed to major attacks on critical infrastructure.
The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan (RAT) we dubbed “SugarGh0st.”
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SpreadsheetConverter Import Spreadsheets from Microsoft Excel allows Stored XSS.This issue affects Import Spreadsheets from Microsoft Excel: from n/a through 10.1.3.
Amazon Web Services announced enhancements to several of its security tools, including GuardDuty, Inspector, Detective, IAM Access Analyzer, and Secrets Manager, to name a few during its re:Invent event.
Melissa Hathaway, a former White House cybersecurity adviser, says Biden is pushing through more regulatory reforms than previous administrations.
By Waqas A critical Zoom Room vulnerability allowed exploiting service accounts for unauthorized tenant access. This is a post from HackRead.com Read the original post: Zoom Vulnerability Allowed Hackers to Take Over Meetings, Steal Data