Tag: privilege escalation
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Windows fibers, little-known components of Windows OS, represent a largely undocumented code-execution pathway that exists exclusively in usermode – and is therefore largely overlooked...
Breaking News
How Do We Integrate LLMs Security Into Application Development?
Question: What do we really know about large language model (LLM) security? And are we willingly opening the front door to chaos by using...
Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks
Cisco has released security updates for its flagship IOS and IOS XE operating system software for networking gear, as well as patches for its...
FBI, CISA Release IoCs for Phobos Ransomware
The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have released details on the tactics and techniques threat actors are using to...
Redesigning the Network to Fend Off Living-Off-the-Land Tactics
With adversaries increasingly relying on legitimate tools to hide their malicious activities, enterprise defenders have to rethink the network architecture in order to detect...
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs
Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a...
Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks
The Raspberry Robin worm is incorporating one-day exploits almost as soon as they're developed, in order to improve on its privilege escalation capabilities. Researchers from...
FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts
A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in...
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
Ivanti has finally begun patching a pair of zero-day security vulnerabilities disclosed on Jan. 10 in its Connect Secure VPN appliances. However, it also...
‘CherryLoader’ Malware Allows Serious Privilege Execution
It's the pits for admins: Researchers have discovered a threat actor achieving admin-level access on targeted systems by deploying a new, sophisticated downloader and...
NSPX30: A sophisticated AitM-enabled implant evolving since 2005
ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we...
Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security
Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of...
Executing Zero Trust in the Cloud Takes Strategy
Zero trust is a high-level strategy that assumes that individuals, devices, and services attempting to access company resources, both externally and internally, can't automatically...