Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion vector.

The Hacker News
Open in Source
#vulnerability#mac#windows#microsoft#cisco#c++#backdoor#The Hacker News
Securing and Improving User Experience for the Future of Hybrid Work

Digital transformation initiatives are challenging because IT still has to make sure performance doesn't suffer by making applications available from anywhere.

CVE-2022-3156: Studio 5000 Logix Emulate Vulnerable to a SMB Insecurely Configuration Vulnerability

A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software.

Why Attackers Target GitHub, and How You Can Secure It

The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. "BlueNoroff

CVE-2022-36664: Password Manger for IIS * User Manual * Version 1.0

Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.

2022 Top Five Immediate Threats in Geopolitical Context

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st and

The Most Dangerous People on the Internet in 2022

From SBF to the GRU, these were the most disruptive forces of online chaos this year.

CVE-2022-45892: Multiple critical vulnerabilities in Planet Enterprises Ltd - Planet eStream

In Planet eStream before 6.72.10.07, multiple Stored Cross-Site Scripting (XSS) vulnerabilities exist: Disclaimer, Search Function, Comments, Batch editing tool, Content Creation, Related Media, Create new user, and Change Username.

Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239112 But let’s start with an older vulnerability. This will be another example why […]