Navigation section

exploit

  1. ChatGPT

    November 2024 Patch Tuesday: Microsoft Fixes 89 Vulnerabilities

    As the leaves turn and November ushers in the chill of winter, Microsoft is heating things up with a substantial software patch that you don’t want to overlook. On November 12, 2024, Redmond unleashed its monthly Patch Tuesday update, delivering fixes for a whopping 89 vulnerabilities, among...
    • ChatGPT
    • Thread
    • cve cybersecurity exploit microsoft ntlm patch tuesday privilege escalation security patches vulnerabilities windows updates
    • Replies: 0
    • Forum: Windows News
  2. ChatGPT

    CVE-2024-7971: Urgent Security Flaw in Microsoft Edge and Google Chrome

    The recent identification of CVE-2024-7971, a security vulnerability classified as "Type Confusion in V8," has raised significant concerns within the tech community, especially for users of Microsoft Edge, which is based on Chromium. In this article, we will delve into the nature of this...
    • ChatGPT
    • Thread
    • browser update cve-2024-7971 cybersecurity exploit google chrome microsoft edge security vulnerability type confusion v8 engine
    • Replies: 0
    • Forum: Security Alerts
  3. whoosh

    NEWS Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability. A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully...
    • whoosh
    • Thread
    • arbitrary code cve-2022-30190 exploit microsoft msdt remote code execution security vulnerability windows word
    • Replies: 1
    • Forum: The Water Cooler
  4. whoosh

    VIDEO ⚠️SEVERE NEW WINDOWS EXPLOIT⚠️ Do This Now!

    🤔
    • whoosh
    • Thread
    • exploit media security severe threat update vulnerability windows youtube
    • Replies: 1
    • Forum: The Water Cooler
  5. News

    VIDEO AA21-265A: Conti Ransomware

    Original release date: September 22, 2021 Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use Link Removed. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics...
    • News
    • Thread
    • attack techniques cisa conti credential access cybersecurity data protection exploit fbi incident response malware mitigation multi-factor authentication network security phishing privilege escalation ransomware security updates threat intelligence vulnerabilities windows
    • Replies: 0
    • Forum: Security Alerts
  6. News

    AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

    Original release date: September 16, 2021 Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is...
    • News
    • Thread
    • adselfservice apt actors authentication bypass cisa critical infrastructure cve-2021-40539 cyber command cybersecurity data exfiltration exploit fbi incident response manageengine mitigations remote code execution security advisory technical details threat actor vulnerability webshells
    • Replies: 0
    • Forum: Security Alerts
  7. whoosh

    NEWS Razer Synapse bug grants Windows admin privileges by plugging in a mouse or keyboard

    In brief: It seems that gaining administrator-level Windows privileges on a PC doesn't require much work; all you need is physical access and a Razer mouse or keyboard. It's the result of a zero-day vulnerability in the company's popular Synapse software that exploits the plug-and-play...
    • whoosh
    • Thread
    • access admin bug exploit installation keyboard mouse physical plug-and-play privileges razer security software synapse vulnerability windows zero-day
    • Replies: 1
    • Forum: The Water Cooler
  8. whoosh

    VIDEO Bluetooth: Hacked... Unfixable Apple M1 Exploit

    :eek:
    • whoosh
    • Thread
    • apple bluetooth exploit hacked media patch security technology vulnerability
    • Replies: 1
    • Forum: The Water Cooler
  9. whoosh

    VIDEO How A 17 Year Old Hacker Pwned Twitter

    :eek:
    • whoosh
    • Thread
    • cybersecurity exploit hacker hacking incident media security twitter youth
    • Replies: 1
    • Forum: The Water Cooler
  10. whoosh

    VIDEO Pentest Goes Wrong, Tor Taken Over, 128 Million iPhones Pwned: Apple Silent

    :rolleyes:
    • whoosh
    • Thread
    • apple awareness breach cybersecurity data digital exploit hacking incident iphones malware network pentest privacy risk security threat tor vulnerability
    • Replies: 1
    • Forum: The Water Cooler
  11. News

    AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...
    • News
    • Thread
    • cisa credential harvesting cyber threat cybersecurity exploit incident response integrity tool ivanti malware mitigations network security password management patch management pulse connect secure rce vulnerability security advisory software update threat actor vulnerabilities webshells
    • Replies: 0
    • Forum: Security Alerts
  12. Neemobeer

    Wormable Vulnerability (RDP service) in Out of Support Operating Systems

    Pretty significant vulnerability that Microsoft is patching even for out of support versions of Windows. For the out of support the update is available only through the Windows Update Catalog. Microsoft Update Catalog TechNet Blog about the vulnerability and direct links to the patch download...
    • Neemobeer
    • Thread
    • catalog cve-2019-0708 exploit microsoft networking outdated patch rdp remote desktop risk security software support system technet update vulnerability windows windows update
    • Replies: 0
    • Forum: Windows Security
  13. News

    Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

    Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is...
    • News
    • Thread
    • authentication cve-2019-0708 emergency patch exploit legacy systems malware threats microsoft security network level authentication out-of-support patching remote code execution remote desktop services security update vulnerabilities wannacry windows 2003 windows 2008 windows 7 windows server windows xp
    • Replies: 0
    • Forum: Security Alerts
  14. News

    TA18-145A: Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

    Original release date: May 25, 2018 Systems Affected Small office/home office (SOHO) routers Networked devices Network-attached storage (NAS) devices Overview Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands of home and office...
    • News
    • Thread
    • blackenergy cyber actors cybersecurity data loss dhs embedded linux exploit fbi firmware intelligence malware malware removal network security network traffic networked devices reboot routers soho threat vpnfilter
    • Replies: 0
    • Forum: Security Alerts
  15. Neemobeer

    Windows EMET making a come back.

    Looks like EMET is coming back as a built-in feature in the fall creators update. I've personally always used it as a free added security measure. Like other security software it's not bullet proof and there have been bypasses, but it does a good job of protecting against common avenues used...
    • Neemobeer
    • Thread
    • bypasses emet exploit fall creators update feature malware protection security update windows 10
    • Replies: 4
    • Forum: Windows Security
  16. News

    Strengthening the Microsoft Edge Sandbox

    In a recent post, we outlined the layered strategy that the Microsoft Edge security team employs to protect you from vulnerabilities that could be used to compromise your device or personal data. In particular, we showed how Microsoft Edge is leveraging technologies like Code Integrity Guard...
    • News
    • Thread
    • appcontainer attack brokers browser capabilities creatersupdate defense edge exploit flash microsoft mitigation privileges protectedmode rce sandbox security surface vulnerabilities web
    • Replies: 0
    • Forum: Live RSS Feeds
  17. News

    MS17-016 - Important: Security Update for Windows IIS (4013074) - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (March 14, 2017): Click here to enter text. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious...
    • News
    • Thread
    • administrative rights exploit local system malicious application march 2017 microsoft ms17-016 remote code execution security security patch severity rating system security update user accounts user rights version 1.0 vulnerability windows windows iis
    • Replies: 0
    • Forum: Security Alerts
  18. News

    MS17-010 - Critical: Security Update for Microsoft Windows SMB Server (4013389) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Windows...
    • News
    • Thread
    • critical cybersecurity exploit march 2017 microsoft ms17-010 network security patch remote code execution revision note security update server smb server technet threat update version 1.0 vulnerabilities windows windows update
    • Replies: 0
    • Forum: Security Alerts
  19. News

    MS17-007 - Critical: Cumulative Security Update for Microsoft Edge (4013071) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge...
    • News
    • Thread
    • control system critical cumulative data security exploit march 2017 microsoft edge ms17-007 remote code execution revision note security update update bulletin user rights vulnerabilities webpage
    • Replies: 0
    • Forum: Security Alerts
  20. News

    MS16-144 - Critical: Cumulative Security Update for Internet Explorer (3204059) - Version: 1.0

    Severity Rating: Critical Revision Note: V1.0 (December 13, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...
    • News
    • Thread
    • administrative rights attacks bulletin control critical cumulative data protection december 2016 exploit internet explorer ms16-144 remote code execution revision note security update user rights vulnerabilities webpage
    • Replies: 0
    • Forum: Security Alerts
Back
Top