Original release date: June 30, 2021 | Last revised: July 01, 2021 (Updated July 1, 2021) See Microsoft’s new guidance for the Print spooler vulnerability (CVE-2021-34527) and apply the necessary workarounds. (Original post June 30, 2021) The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has…
DetailsPosted on 2020-05-14 by guenni There is a CVE-2020-1048 vulnerability in Windows print spooler that could allow malicious software to gain elevated privileges. But a patch is available since May 12, 2020, and there are a few restriction to misuse that flaw. Here is a brief overview what to know, including a discussion, how critical the vulnerability is.…
DetailsCREATED 1 DAY AGO MODIFIED 19 HOURS AGO by AlienVault Public TLP: White Guardicore reveals new details in the Indexsinas SMB worm, which infects servers across the world and threatens the security of the entire internet, and is being used to propagate the attack. REFERENCES: https://www.guardicore.com/labs/smb-wormindexsinas/https://github.com/guardicore/labs_campaigns/blob/master/Indexsinas/files.md TAGS:doublepulsar, indexsinas, equation group, Worm, SMB, EternalBlue, NSABuffMiner INDUSTRIES:Telecommunication, Government, Medical, Telecommunications, Education, Hospitality, Healthcare MALWARE FAMILIES:DoublePulsar, Equation, Indexsinas ATT&CK IDS:T1036 – Masquerading, T1040 – Network Sniffing, T1046 – Network…
DetailsCREATED 1 DAY AGO by AlienVault Public TLP: White On 2021-06-22, Netlab detected that a mirai_pteamirai variant sample Netlab named was spread through an unknown vulnerability. After analysis, the vulnerability is an undisclosed vulnerability of KGUARD DVR . From Netlab’s analysis, the vulnerability exists in the 2016 firmware version. All firmware manufacturers that we can find after 2017 have…
DetailsCREATED 20 HOURS AGO by dekaRituraj Public TLP: White Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance as far back as 2014. Israeli cybersecurity firm Check Point Research attributed the intrusions to a hacking group tracked under…
Details