Tag

#microsoft

Threat Round up for January 20 to January 27

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 20 and Jan. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

TALOS

Razer Synapse 3.7.0731.072516 Local Privilege Escalation

Razer Synapse version 3.7.0731.072516 suffers from a local privilege escalation due to a DLL hijacking vulnerability.

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn

3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox

Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top (figure: ANY.RUN's top malware types in 2022). That's why you'll definitely come across this type in your practice, and the Orcus

What Old is New Again and What's Old is Me?

Knowing what Talos IR is responding to this quarter gives you a direct view into what needs to be most secured and most analyzed to ensure your own environment remains secure.

CVE-2022-45770: Versions history | AdGuard

Improper input validation in the driver adgnetworkwfpdrv.sys in Adguard For Windows x86 up to version 7.11 allows an attacker to gain local privilege escalation.

SaaS RootKit Exploits Hidden Rules in Microsoft 365

A vulnerability within Microsoft's OAuth application registration allows an attacker to create hidden forwarding rules that act as a malicious SaaS rootkit.

GHSA-3w9w-9833-gcpv: Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

### Impact

A memory overwrite bug was reported by a security researcher in the **ConvertToSinglePlane** method via the *texconv* command-line tool when given an invalid height for planar video textures such as NV12. This can be a potential security bug for any clients of the library who follow the same pattern. This issue *does not* impact use of the DDS texture loader itself, only when combined with `ConvertToSinglePlane` for converting multi-planar video formats. All other functions in the library fail immediately if given images in planar formats.

### Patches

The fix to the specific area as well as general hardening can be found in [this PR](https://github.com/microsoft/DirectXTex/pull/307) and will be included in the January 2023 or later release of DirectXTex.

### Workarounds

If your code makes use of **ConvertToSinglePlane**, you can validate that the width & height alignment requirements are met for the input image before calling the function.

Congratulations to the Top MSRC 2022 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2022 Q4 Security Researcher Leaderboard are: goodbyeselene, Jarvis_1oop, and kap0k! Check out the full list of researchers recognized this quarter here.

Companies Struggle With Zero Trust as Attackers Adapt to Get Around It

Only one in 10 enterprises will create a robust zero-trust foundation in the next three years, while more than half of attacks won't even be prevented by it, according to Gartner.