The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). After Microsoft and the US NSA, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). Experts at the CISAÂ Agency successfully […]
Experts at 0patch released an unofficial patch to address a recently disclosed zero-day vulnerability in Windows 10 Task Scheduler. Security experts at 0patch released an unofficial patch to address a recently disclosed zero-day vulnerability in Windows 10 Task Scheduler. A couple of weeks ago, researcher SandboxEscaper released a working exploit for the vulnerability, Like the […]
A security expert disclosed technical details of a new unpatched vulnerability (CVE-2019-9510) that affects Microsoft Windows Remote Desktop Protocol (RDP). Security expert Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), discovered a new unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). The flaw, tracked as CVE-2019-9510, could be exploited by client-side attackers to […]
The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing […]
Researchers at 0patch released a temporary micropatch for the unpatched BearLPE local privilege escalation zero-day flaw in Windows 10. Experts at 0patch released a micropatch to temporary fix a still-unpatched local privilege escalation on systems without rebooting them. The zero-day vulnerability, dubbed BearLPE, was recently disclosed by the security researcher SandboxEscaper. The following video shows how the […]
The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoftâs Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoftâs Notepad text editor. Ormandy reported the issue to Microsoft and will wait 90 days according to Google vulnerability […]
Roughly one million devices are vulnerable to attacks exploiting the BlueKeep Windows vulnerability and hackers are ready to hit them. Yesterday I reported the discovery made by experts at GreyNoise that detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability. The scans were first detected on May 25, 2019, experts explained that a single […]
Several products made by Siemens Healthineers are affected by a recently patched Windows BlueKeep vulnerability (CVE-2019-0708). The BlueKeep issue is a remote code execution vulnerability in Remote Desktop Services (RDS) that it can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP and sending specially crafted requests. As explained by […]
GreyNoise experts detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability from exclusively Tor exit nodes. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS vulnerability dubbed BlueKeep that can be exploited to carry out WannaCry-like attack. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that it can […]
Security experts at Sophos have detected a wave of attacks targeting Windows servers that are running MySQL databases with the intent of delivering the GandCrab ransomware Sophos researchers have observed a wave of attacks targeting Windows servers that are running MySQL databases, threat actors aim at delivering the GandCrab ransomware. This is the first time […]