New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor’s ultimate goal of taking over corporate networks. […]
Source: Read More (BleepingComputer)
You might be interested in …
[SecurityWeek] Oracle’s October 2021 CPU Includes 419 Security Patches
Oracle on Tuesday announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company’s portfolio. Just over half of the patches address vulnerabilities that could be exploited remotely without authentication, Oracle announced. read more Source: Read More (SecurityWeek RSS Feed)
[HackerNews] Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail
Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gang’s AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail. AnchorMail “uses an email-based [ […]
[BleepingComputer] Microsoft fixes bug letting hackers take over Azure containers
Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. […] Source: Read More (BleepingComputer)