[SecurityWeek] Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft

Software vendor SolarWinds failed to enable an anti-exploit mitigation available since the launch of Windows Vista 15 years ago, an oversight that made it easy for attackers to launch targeted malware attacks in July this year.

read more

Source: Read More (SecurityWeek RSS Feed)

You might be interested in …

[NCSC-FI News] Three new ICS threat groups discovered, one primed to disrupt energy targets

Dragos detailed three new threat groups targeting industrial control systems in its annual report, including one technologically adept group that seems to be scouting out potential disruptive attacks in the energy sector. Source: Read More (NCSC-FI daily news followup)

Read More

[NCSC-FI News] GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations “An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM,” […]

Read More

[HackerNews] Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms

All posts, HackerNews

New vulnerabilities have been discovered in Fortress S03 Wi-Fi Home Security System that could be potentially abused by a malicious party to gain unauthorized access with an aim to alter system behavior, including disarming the devices without the victim’s knowledge. The two unpatched issues, tracked under the identifiers CVE-2021-39276 (CVSS score: 5.3) and CVE-2021-39277 (CVSS […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.