Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Microsoft Unveils Dev Box, a Workstation-as-a-Service

Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.

DARKReading
#vulnerability#web#mac#windows#microsoft#intel#auth
Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I’m using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch […]

LinkedIn bug bounty program goes public with rewards of up to $18k

Social media platform ends private program after paying $250,000 in rewards over eight years

Qualys to Unveil VMDR 2.0 at Qualys Security Conference in San Francisco

Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.

DuckDuckGo Allows Microsoft Trackers Despite No Tracking Policy – Researcher

By Waqas The privacy-oriented search engine and browser provider DuckDuckGo has received flak after a researcher identified Microsoft Trackers in… This is a post from HackRead.com Read the original post: DuckDuckGo Allows Microsoft Trackers Despite No Tracking Policy – Researcher

Massive increase in XorDDoS Linux malware in last six months

Malware attacks against Linux systems are on the rise. And when it comes to bot malware, XorDDoS is the frontrunner. The post Massive increase in XorDDoS Linux malware in last six months appeared first on Malwarebytes Labs.

Print Spooler Remote DLL Injection

The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITY\SYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.

Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them

Malicious actors can gain unauthorized access to users' online accounts via a new technique called "account pre-hijacking," new research has found. The attack takes aim at the account creation process that's ubiquitous in websites and other online platforms, enabling an adversary to perform a set of actions before an unsuspecting victim creates an account in a target service. The study was led

Researchers Find New Malware Attacks Targeting Russian Government Entities

An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns [...] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run commands on them remotely," Malwarebytes said in a

Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021

But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.