Tag

#windows

Textpattern 4.8.8 Remote Code Execution

Textpattern version 4.8.8 suffers from an authenticated remote code execution vulnerability.

Packet Storm
#vulnerability #web #windows #apple #google #linux #apache #java #php #rce #auth #chrome #webkit #ssl
3 tips for creating backups your organization can rely on when ransomware strikes

Backups are your last line of defense against ransomware, if they work.

Malwarebytes Labs

3 tips to raise your backup game

Because backups are the dental floss of cybersecurity—the thing that everyone knows they should do, that everyone intends to do, that nobody actually does.

Malwarebytes Labs

3CX Supply Chain Attack — Here's What We Know So Far

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The company said it's engaging the services of Google-owned Mandiant to review the incident. In the

Threat Advisory: 3CX Softphone Supply Chain Compromise

Cisco Talos is tracking and actively responding to a supply chain attack involving the 3CX Desktop Softphone application. This is a multi-stage attack that involves sideloading DLLs, seven-day sleep routines, and additional payloads dependent on a now-removed GitHub repository for Windows based systems. MacOS systems used a different infection chain

Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises

In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.

CVE-2023-1393: security - Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

How to Solve IoT's Identity Problem

Network protocols can be used to identify operating systems and discern other device information.

Ancillary Function Driver (AFD) For Winsock Privilege Escalation

A vulnerability in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local privilege escalation. This exploit only supports Windows 11 22H2 up to build 22621.963 (patched in January 2023 updates).