#windows

A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. **Affected platforms:** Windows **Patched Tailscale client versions:** v1.32.3 or later, v1.33.257 or later (unstable) ### What happened? In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows client GUI in cleartext with no Host header verification. This allowed an attacker-controlled website visited by the node to rebind DNS to an attacker-controlled DNS server, and then make local API requests in the client, including changing the coordination server to an attacker-controlled coordination server. ### Who is affected? All Windows clients prior to version v.1.32.3 are affected. ### What should I do? If you are running Tailscale on Windows, upgrade to v1.32.3 or later to remediate the issue. ### What is the impact? An attacker-controlled coo...

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.

A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container.

By Deeba Ahmed AXLocker ransomware is now known as a threat that targets Discord users. This is a post from HackRead.com Read the original post: Researchers Reveal Details of New Threats: AXLocker, Octocrypt and Alice Ransomware

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.

ClicShopping version 3.402 suffers from a cross site scripting vulnerability.

Trojan.Win32.Platinum.gen malware suffers from a code execution vulnerability.

Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The U.S. District Court for the Southern District of New York imposed monetary sanctions against the defendants and their U.S.-based legal counsel. The defendants have also been asked to pay Google's attorney fees. The defendants' move to press

By Deeba Ahmed The attackers gain access to the network through decoy documents covering controversial geo-political topics to lure the targeted organizations into downloading and executing the malware. This is a post from HackRead.com Read the original post: Research sector targeted in new spear phishing attack using Google Drive