New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor’s ultimate goal of taking over corporate networks. […]
Source: Read More (BleepingComputer)
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor’s ultimate goal of taking over corporate networks. […]
Source: Read More (BleepingComputer)
Oracle on Tuesday announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company’s portfolio. Just over half of the patches address vulnerabilities that could be exploited remotely without authentication, Oracle announced. read more Source: Read More (SecurityWeek RSS Feed)
Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gang’s AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail. AnchorMail “uses an email-based [ […]
Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. […] Source: Read More (BleepingComputer)