Kaseya zero-day involved in ransomware attack, patches coming
therecord.media/kaseya-zero-day-involved-in-ransomware-attack-patches-coming/ Remote management software vendor Kaseya said it identified and is currently mitigating a vulnerability that was abused in a recent incident that saw ransomware deployed on the networks of thousands of companies worldwide. Also:
Kaseya was fixing zero-day just as REvil ransomware sprung their attack
www.bleepingcomputer.com/news/security/kaseya-was-fixing-zero-day-just-as-revil-ransomware-sprung-their-attack/ The vulnerability had been previously disclosed to Kaseya by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD), and Kaseya was validating the patch before they rolled it out to customers.
Windows Update bug blocks Azure Virtual Desktops security updates
www.bleepingcomputer.com/news/microsoft/windows-update-bug-blocks-azure-virtual-desktops-security-updates/ Microsoft is working to fix a known issue blocking Azure Virtual Desktops devices from downloading and installing recent security updates via Windows Server Update Services (WSUS).
TrickBot: New attacks see the botnet deploy new banking module, new ransomware
therecord.media/trickbot-new-attacks-see-the-botnet-deploy-new-banking-module-new-ransomware/ Over the course of the past few weeks, new activity has been observed from TrickBot, one of today’s largest malware botnets, with reports that its operators have helped create a new ransomware strain called Diavol and that the TrickBot gang is returning to its roots as a banking trojan with a new and updated banking module.
Mysterious Node.js malware puzzles security researchers
therecord.media/mysterious-node-js-malware-puzzles-security-researchers/ Almost four months after it was first spotted in the wild, the infosec community is still scratching its head in regards to the purpose of a new malware strain named Lu0bot.
Detection and Mitigation Advice for PrintNightmare
www.lares.com/blog/detection-and-mitigation-advice-for-printnightmare/ PrintNightmare (CVE-2021-34527) was released as a proof of concept this week on GitHub. This post highlights how the exploit PoCs released on GitHub work and how the specific vulnerability can be fixed and detected. The vulnerability itself was found and published by Zhipeng Huo (@R3dF09), Piotr Madej, and Yunhai Zhang.