Author Topic: Technical (Read 1397292 times)

Asyn · « **Reply #4125 on:** May 29, 2022, 10:55:08 AM »

Unknown APT group has targeted Russia repeatedly since Ukraine invasion
https://blog.malwarebytes.com/malwarebytes-news/2022/05/unknown-apt-group-has-targeted-russia-repeatedly-since-ukraine-invasion/

Asyn · « **Reply #4126 on:** May 29, 2022, 05:38:01 PM »

New Research Paper: Pre-hijacking Attacks on Web User Accounts
https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/
https://arxiv.org/abs/2205.10174

Asyn · « **Reply #4127 on:** May 30, 2022, 09:24:20 AM »

ERMAC Back In Action - Latest Version of Android Banking Trojan Targets over 400 Applications
https://blog.cyble.com/2022/05/25/ermac-back-in-action/

bob3160 · « **Reply #4128 on:** May 30, 2022, 11:53:29 AM »

Key takeaways from Verizon's 2022 data breach report
https://blog.avast.com/verizon-2022-data-breach-report

Asyn · « **Reply #4129 on:** May 30, 2022, 03:41:31 PM »

Clop ransomware gang is back, hits 21 victims in a single month
https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-is-back-hits-21-victims-in-a-single-month/

Asyn · « **Reply #4130 on:** May 31, 2022, 11:10:26 AM »

New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices
https://www.trendmicro.com/en_us/research/22/e/new-linux-based-ransomware-cheerscrypt-targets-exsi-devices.html

Asyn · « **Reply #4131 on:** May 31, 2022, 01:17:20 PM »

Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e

Asyn · « **Reply #4132 on:** May 31, 2022, 05:15:26 PM »

New Windows Subsystem for Linux malware steals browser auth cookies
https://www.bleepingcomputer.com/news/security/new-windows-subsystem-for-linux-malware-steals-browser-auth-cookies/

Asyn · « **Reply #4133 on:** June 01, 2022, 10:05:31 AM »

Quote from: Asyn on May 31, 2022, 01:17:20 PM

Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e

https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug

Asyn · « **Reply #4134 on:** June 01, 2022, 11:35:29 AM »

Quote from: Asyn on June 01, 2022, 10:05:31 AM

Quote from: Asyn on May 31, 2022, 01:17:20 PM
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

bob3160 · « **Reply #4135 on:** June 01, 2022, 01:18:46 PM »

Quote from: Asyn on June 01, 2022, 11:35:29 AM

Quote from: Asyn on June 01, 2022, 10:05:31 AM
Quote from: Asyn on May 31, 2022, 01:17:20 PM
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

Defender has been updated to protect against this vulnerability. Has Avast done the same?

Asyn · « **Reply #4136 on:** June 01, 2022, 01:47:27 PM »

Quote from: bob3160 on June 01, 2022, 01:18:46 PM

Quote from: Asyn on June 01, 2022, 11:35:29 AM
Quote from: Asyn on June 01, 2022, 10:05:31 AM
Quote from: Asyn on May 31, 2022, 01:17:20 PM
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
Defender has been updated to protect against this vulnerability. Has Avast done the same?

Hi Bob, yes: https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784?nocache=1

bob3160 · « **Reply #4137 on:** June 01, 2022, 03:13:46 PM »

Thanks Asyn, I should have thought of that. (Old age?)

Asyn · « **Reply #4138 on:** June 02, 2022, 10:31:58 AM »

Quote from: Asyn on June 01, 2022, 11:35:29 AM

Quote from: Asyn on June 01, 2022, 10:05:31 AM
Quote from: Asyn on May 31, 2022, 01:17:20 PM
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://www.bleepingcomputer.com/news/security/new-microsoft-office-zero-day-used-in-attacks-to-execute-powershell/
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

Windows MSDT zero-day vulnerability gets free unofficial patch
https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-vulnerability-gets-free-unofficial-patch/

Asyn · « **Reply #4139 on:** June 02, 2022, 03:01:09 PM »

Mobile trojan detections rise as malware distribution level declines
https://www.bleepingcomputer.com/news/security/mobile-trojan-detections-rise-as-malware-distribution-level-declines/

Author Topic: Technical (Read 1397292 times)

Asyn

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

bob3160

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical

bob3160

Re: Technical

Asyn

Re: Technical

bob3160

Re: Technical

Asyn

Re: Technical

Asyn

Re: Technical