Navigation section
exploit
-
VIDEO let’s play with a ZERO-DAY vulnerability “follina”
:shocked:- whoosh
- Thread
- cybersecurity exploit follina hacking malware security threat vulnerability youtube zero-day
- Replies: 0
- Forum: The Water Cooler
-
NEWS Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability. A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully...- whoosh
- Thread
- arbitrary code cve-2022-30190 exploit microsoft msdt remote code execution security vulnerability windows word
- Replies: 0
- Forum: The Water Cooler
-
NEWS ⚠️SEVERE NEW WINDOWS EXPLOIT⚠️ Do This Now!
🤔- whoosh
- Thread
- exploit media security severe threat update vulnerability windows youtube
- Replies: 1
- Forum: The Water Cooler
-
VIDEO Dangerous Code Hidden in Plain Sight for 12 years
:eek:- whoosh
- Thread
- cybersecurity dangerous code exploit hidden threat malware research security software vulnerability youtube
- Replies: 0
- Forum: The Water Cooler
-
AA21-265A: Conti Ransomware
Original release date: September 22, 2021 Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use Link Removed. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics...- News
- Thread
- attack techniques cisa conti credential access cybersecurity data protection exploit fbi incident response malware mitigation multi-factor authentication network security phishing privilege escalation ransomware security updates threat intelligence vulnerabilities windows
- Replies: 0
- Forum: Security Alerts
-
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Original release date: September 16, 2021 Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is...- News
- Thread
- adselfservice apt actors authentication bypass cisa critical infrastructure cve-2021-40539 cyber command cybersecurity data exfiltration exploit fbi incident response manageengine mitigations remote code execution security advisory technical details threat actor vulnerability webshells
- Replies: 0
- Forum: Security Alerts
-
NEWS Razer Synapse bug grants Windows admin privileges by plugging in a mouse or keyboard
In brief: It seems that gaining administrator-level Windows privileges on a PC doesn't require much work; all you need is physical access and a Razer mouse or keyboard. It's the result of a zero-day vulnerability in the company's popular Synapse software that exploits the plug-and-play...- whoosh
- Thread
- access admin bug exploit installation keyboard mouse physical plug-and-play privileges razer security software synapse vulnerability windows zero-day
- Replies: 0
- Forum: The Water Cooler
-
VIDEO Bluetooth: Hacked... Unfixable Apple M1 Exploit
:eek:- whoosh
- Thread
- apple bluetooth exploit hacked media patch security technology vulnerability
- Replies: 0
- Forum: The Water Cooler
-
VIDEO How A 17 Year Old Hacker Pwned Twitter
:eek:- whoosh
- Thread
- cybersecurity exploit hacker hacking incident media security twitter youth
- Replies: 0
- Forum: The Water Cooler
-
VIDEO Pentest Goes Wrong, Tor Taken Over, 128 Million iPhones Pwned: Apple Silent
:rolleyes:- whoosh
- Thread
- apple awareness breach cybersecurity data digital exploit hacking incident iphones malware network pentest privacy risk security threat tor vulnerability
- Replies: 0
- Forum: The Water Cooler
-
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...- News
- Thread
- cisa credential harvesting cyber threat cybersecurity exploit incident response integrity tool ivanti malware mitigations network security password management patch management pulse connect secure rce vulnerability security advisory software update threat actor vulnerabilities webshells
- Replies: 0
- Forum: Security Alerts
-
Wormable Vulnerability (RDP service) in Out of Support Operating Systems
Pretty significant vulnerability that Microsoft is patching even for out of support versions of Windows. For the out of support the update is available only through the Windows Update Catalog. Microsoft Update Catalog TechNet Blog about the vulnerability and direct links to the patch download...- Neemobeer
- Thread
- catalog cve-2019-0708 exploit microsoft networking outdated patch rdp remote desktop risk security software support system technet update vulnerability windows windows update
- Replies: 0
- Forum: Windows Security
-
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is...- News
- Thread
- authentication cve-2019-0708 emergency patch exploit legacy systems malware threats microsoft security network level authentication out-of-support patching remote code execution remote desktop services security update vulnerabilities wannacry windows 2003 windows 2008 windows 7 windows server windows xp
- Replies: 0
- Forum: Security Alerts
-
TA18-145A: Cyber Actors Target Home and Office Routers and Networked Devices Worldwide
Original release date: May 25, 2018 Systems Affected Small office/home office (SOHO) routers Networked devices Network-attached storage (NAS) devices Overview Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands of home and office...- News
- Thread
- blackenergy cyber actors cybersecurity data loss dhs exploit fbi firmware intelligence malware malware removal network security network traffic networked devices reboot routers soho threat vpnfilter
- Replies: 0
- Forum: Security Alerts
-
Windows EMET making a come back.
Looks like EMET is coming back as a built-in feature in the fall creators update. I've personally always used it as a free added security measure. Like other security software it's not bullet proof and there have been bypasses, but it does a good job of protecting against common avenues used...- Neemobeer
- Thread
- bypasses emet exploit fall creators update feature malware protection security update windows 10
- Replies: 4
- Forum: Windows Security
-
Strengthening the Microsoft Edge Sandbox
In a recent post, we outlined the layered strategy that the Microsoft Edge security team employs to protect you from vulnerabilities that could be used to compromise your device or personal data. In particular, we showed how Microsoft Edge is leveraging technologies like Code Integrity Guard...- News
- Thread
- appcontainer attack brokers browser capabilities creatersupdate defense edge exploit flash microsoft mitigation privileges protectedmode rce sandbox security surface vulnerabilities web
- Replies: 0
- Forum: Live RSS Feeds
-
MS17-016 - Important: Security Update for Windows IIS (4013074) - Version: 1.0
Severity Rating: Important Revision Note: V1.0 (March 14, 2017): Click here to enter text. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious...- News
- Thread
- administrative rights exploit local system malicious application march 2017 microsoft ms17-016 remote code execution security security patch system security update user accounts user rights version 1.0 vulnerability windows windows iis
- Replies: 0
- Forum: Security Alerts
-
MS17-010 - Critical: Security Update for Microsoft Windows SMB Server (4013389) - Version: 1.0
Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Windows...- News
- Thread
- critical cybersecurity exploit march 2017 microsoft ms17-010 network security patch remote code execution revision note security update server smb server technet threat update version 1.0 vulnerabilities windows windows update
- Replies: 0
- Forum: Security Alerts
-
MS17-007 - Critical: Cumulative Security Update for Microsoft Edge (4013071) - Version: 1.0
Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge...- News
- Thread
- control system critical cumulative data security exploit march 2017 microsoft edge ms17-007 remote code execution revision note security update update bulletin user rights vulnerabilities webpage
- Replies: 0
- Forum: Security Alerts
-
MS16-144 - Critical: Cumulative Security Update for Internet Explorer (3204059) - Version: 1.0
Severity Rating: Critical Revision Note: V1.0 (December 13, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...- News
- Thread
- account management administrative rights attacks bulletin control critical cumulative data protection december 2016 exploit internet explorer ms16-144 remote code execution revision note security update user rights vulnerabilities webpage
- Replies: 0
- Forum: Security Alerts