Cyber Security Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit Dec 21, 2022 darkreading.com The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Cyber Security Microsoft Warns on ‘Achilles’ macOS Gatekeeper Bypass Dec 20, 2022 darkreading.com The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.
Technology Raspberry Robin worm drops fake malware to confuse researchers Dec 20, 2022 bleepingcomputer.com The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers…
Technology Microsoft finds macOS bug that lets malware bypass security checks Dec 19, 2022 bleepingcomputer.com Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution…
Cyber Security Researcher Bypasses Akamai WAF Dec 16, 2022 darkreading.com Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code.
Cyber Security Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook Dec 15, 2022 darkreading.com Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
Technology Attackers use SVG files to smuggle QBot malware onto Windows systems Dec 14, 2022 bleepingcomputer.com QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates…
Technology Microsoft patches Windows zero-day used to drop ransomware Dec 14, 2022 bleepingcomputer.com Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber…
Cyber Security Microsoft Patch Tuesday, December 2022 Edition Dec 14, 2022 krebsonsecurity.com Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in…
Cyber Security Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update Dec 13, 2022 darkreading.com Here's what you need to patch now, including six critical updates for Microsoft's final Patch Tuesday of the year.
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Microsoft Warns on ‘Achilles’ macOS Gatekeeper Bypass
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.
Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers…
Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution…
Researcher Bypasses Akamai WAF
Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code.
Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
Attackers use SVG files to smuggle QBot malware onto Windows systems
QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates…
Microsoft patches Windows zero-day used to drop ransomware
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber…
Microsoft Patch Tuesday, December 2022 Edition
Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in…
Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update
Here's what you need to patch now, including six critical updates for Microsoft's final Patch Tuesday of the year.