Several security experts have developed PoC exploits for wormable Windows RDS flaw tracked as CVE-2019-0708 and dubbed BlueKeep. Experts have developed several proof-of-concept (PoC) exploits for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep. One of the PoC exploits could be used for remote code execution on vulnerable […]
Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Antivirus solutions from Sophos, Avira, ArcaBit, Avast, and recently McAfee reported security […]
A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell Backdoor. April 2019 Patch Tuesday security updates addressed a local privilege escalation flaw in Windows operating system, tracked as CVE-2019-0859 that had been exploited by threat actors to deliver a PowerShell backdoor. The flaw could allow […]
Commando VM — Turn Your Windows Computer Into A Hacking Machine FireEye released Commando VM, a Windows-based security distribution designed for penetration testers that intend to use the Microsoft OS. FireEye released Commando VM, the Windows-based security distribution designed for penetration testing and red teaming. FireEye today released an automated installer called Commando VM (Complete Mandiant Offensive […]
Microsoft has announced the availability of Defender ATP Endpoint Security for Apple macOS Microsoft has announced the availability of Microsoft 365 advanced endpoint security solution across platforms, with the support of Apple Mac it added to Microsoft Defender Advanced Threat Protection (ATP). Microsoft Windows Defender ATP was first introduced in 2016 as a defensive solution […]
James Forshaw, a white hat hacker at Google Project Zero, has discovered a new class of bugs that affect Windows and some of its drivers. Google Project Zero hacker James Forshaw discovered a new class of flaws that reside in some of the kernel mode drivers in Windows that could allow attackers to escalate privileges. […]
Experts from Qihoo 360 disclosed technical details of the actively exploited Windows zero-day flaw CVE-2019-0808 recently patched by Microsoft. Researchers at the security firm Qihoo 360 disclosed technical details of the zero-day vulnerability CVE-2019-0808 that was recently patched by Microsoft. The vulnerability was reported to Microsoft by researchers from Google’s Threat Analysis Group that observed […]
Google this week revealed a Windows zero-day that is being actively exploited in targeted attacks alongside a recently fixed Chrome flaw. Google this week disclosed a Windows zero-day vulnerability that is being actively exploited in targeted attacks alongside a recently addressed flaw in Chrome flaw (CVE-2019-5786). The Windows zero-day vulnerability is a local privilege escalation […]
Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks carried out through malicious HTTP/2 requests. Microsoft revealed that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks. Attackers can trigger a DoS condition by sending specially crafted HTTP/2 requests, the CPU usage will temporarily spike to 100% […]
A security expert discovered a zero-day flaw in the processing of VCard files that could be exploited by a remote attacker to compromise a Windows PC The security expert John Page (@hyp3rlinx), discovered a zero-day vulnerability in the processing of VCard files that could be exploited by a remote attacker, under certain conditions, to hack Windows […]