Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Lua Malware Targeting Student Gamers via Fake Game Cheats

Morphisec Threat Labs uncovers sophisticated Lua malware targeting student gamers and educational institutions. Learn how these attacks work…

HackRead
Open in Source
#web#mac#windows#ddos#git
The Perils of Ignoring Cybersecurity Basics

The massive outage involving a faulty Falcon update is an excellent illustration of what happens when organizations neglect security fundamentals.

PHP-Nuke Top Module SQL Injection

The Top module for PHP-Nuke versions 6.x and below 7.6 suffers from a remote SQL injection vulnerability.

GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets

A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European Union government (E.U.) organization, Slovak cybersecurity company ESET said. "The ultimate goal of

CVE-2024-43611: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker who successfully exploited this vulnerability could gain remote code execution (RCE) on the victim's machine.

CVE-2024-43593: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.

CVE-2024-43592: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires an admin user on the client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

CVE-2024-43585: Code Integrity Guard Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could trick Windows Code Integrity Guard (CIG) into trusting the file the attacker altered to contain arbitrary content bypassing CIG integrity checks.

CVE-2024-43571: Sudo for Windows Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R) and privileges required are low (PR:L). What does that mean for this vulnerability?** An authenticated attacker must launch a specially crafted malicious application and wait for the victim to perform a command in a console window for the vulnerability to be exploited.