Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Charming Kiten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.

The Iranian threat actor known as Charming Kiten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare

The Hacker News
Open in Source
#vulnerability#web#microsoft#c++#backdoor#The Hacker News
AI Chatbots Are Invading Your Local Government—and Making Everyone Nervous

State and local governments in the US are scrambling to harness tools like ChatGPT to unburden their bureaucracies, rushing to write their own rules—and avoid generative AI's many pitfalls.

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler

A week in security (September 4 - September 10)

Categories: News Tags: week Tags: security Tags: September Tags: 2023 Tags: Atomic stealer Tags: Microsoft breach A list of topics we covered in the week of September 4 to September 10 of 2023 (Read more...) The post A week in security (September 4 - September 10) appeared first on Malwarebytes Labs.

Mozilla: Your New Car Is a Data Privacy Nightmare

Plus: Apple patches newly discovered flaws exploited by NSO Group spyware, North Korean hackers target security researchers, and more.

Microsoft Windows Kernel Recovery Memory Corruption

The Microsoft Windows Kernel has an issue where a partial success of registry hive log recovery may lead to inconsistent state and memory corruption.

Microsoft Windows Kernel Integer Overflow / Out-Of-Bounds Read

The Microsoft Windows Kernel suffers from out-of-bounds reads due to an integer overflow in registry .LOG file parsing.

Ubuntu Security Notice USN-6355-1

Ubuntu Security Notice 6355-1 - Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local attacker could possibly use this to circumvent secure boot protections. Daniel Axtens discovered that specially crafted images could cause buffer underwrite which allows arbitrary data to be written to a heap. A local attacker could possibly use this to circumvent secure boot protections.

Protecting Your Microsoft IIS Servers Against Malware Attacks

Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT environments.  Recently, a

North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers

Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software over the past several weeks to infiltrate their machines. The findings come from Google’s Threat Analysis Group (TAG), which found the adversary setting up fake accounts on social media platforms like X (formerly Twitter) and Mastodon to forge relationships