Credit to Author: Paul Ducklin| Date: Mon, 30 May 2022 23:01:55 +0000
News has emerged of a “feature” in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn’t help!
Read more
Credit to Author: Paul Ducklin| Date: Mon, 30 May 2022 23:01:55 +0000
News has emerged of a “feature” in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn’t help!
Read more
Credit to Author: Jon Gold| Date: Wed, 25 May 2022 12:45:00 -0700
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.
Read moreCredit to Author: Malwarebytes Labs| Date: Wed, 25 May 2022 15:48:19 +0000
Malware attacks against Linux systems are on the rise. And when it comes to bot malware, XorDDoS is the frontrunner.
The post Massive increase in XorDDoS Linux malware in last six months appeared first on Malwarebytes Labs.
Read moreCredit to Author: Katie McCafferty| Date: Fri, 27 May 2022 16:00:00 +0000
Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.
The post Android apps with millions of downloads exposed to high-severity vulnerabilities appeared first on Microsoft Security Blog.
Read more
Credit to Author: Paul Ducklin| Date: Fri, 20 May 2022 22:35:09 +0000
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
Read moreCredit to Author: Katie McCafferty| Date: Thu, 19 May 2022 16:00:00 +0000
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware’s capabilities and key infection signs.
The post Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices appeared first on Microsoft Security Blog.
Read moreCredit to Author: Jovi Umawing| Date: Tue, 17 May 2022 14:41:32 +0000
A little-used feature of web addresses is being used to obfuscate malicious phishing URLs.
The post Long lost @ symbol gets new life obscuring malicious URLs appeared first on Malwarebytes Labs.
Read more
Credit to Author: Susan Bradley| Date: Mon, 16 May 2022 09:00:00 -0700
It’s the third week of the month — the week we find out whether Microsoft acknowledges any side effects it’s investigating as part of the monthly patch-release process.
First, a bit of background. Microsoft has released patches for years. But they haven’t always been released on a schedule. In the early days, Microsoft would release updates any day of the week. Then in October 2003, Microsoft formalized the release of normal security updates on the second Tuesday of the month. Thus was born Patch Tuesday. (Note: depending on where you are in the world, Patch Tuesday may be a Patch Wednesday.) The following day, or in some cases, over the next week, users and admins report issues with updates — and Microsoft finally acknowledges that, yes, there are issues.
Credit to Author: Malwarebytes Labs| Date: Mon, 16 May 2022 10:01:04 +0000
The most important and interesting computer security stories from the last seven days.
The post A week in security (May 9 – 15) appeared first on Malwarebytes Labs.
Read more