#microsoft

A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190 (CVSS score: 7.8). No less than 1,000 phishing messages

Plus: The US admits to cyber operations supporting Ukraine, SCOTUS investigates its own, and a Michael Flynn surveillance mystery is solved.

Plus: The US admits to cyber operations supporting Ukraine, SCOTUS investigates its own, and a Michael Flynn surveillance mystery is solved.

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 27 and June 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

The latest iteration of CMD-based ransomware is sophisticated and tricky to detect – and integrates token theft and worming capabilities into its feature set.

The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the APT looks to leverage that access to target a multitude of potential victims.

By Owais Sultan In this digital era, online threats are booming as much as the internet user base. Sometimes, malware infects… This is a post from HackRead.com Read the original post: Fake Updates Continue To Be A Digital Risk: What To Do?

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.

Microweber CMS versions 1.2.15 and below suffer from an account takeover vulnerability.

An remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential harvesting, cyber espionage, and network backdoor attacks.