Microsoft fixes drop in number for October, 2019 updates

Credit to Author: SophosLabs Offensive Security| Date: Wed, 09 Oct 2019 20:00:31 +0000

A relatively low number of vulnerabilities were addressed in this month’s Windows update rollups<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/kC7qjGbuUh8″ height=”1″ width=”1″ alt=””/>

Read more

Lemon_Duck PowerShell malware cryptojacks enterprise networks

Credit to Author: rajeshnataraj| Date: Tue, 01 Oct 2019 04:01:09 +0000

SophosLabs are monitoring a significant spike in crypto mining attacks, which spread quickly across enterprise networks. Starting from a single infection, these attacks use a variety of malicious scripts that, eventually, turn an enterprise&#8217;s large pool of CPU resources into efficient cryptocurrency mining slaves. The threat actors behind these campaigns have been using an array [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/jF91Bgk0dso” height=”1″ width=”1″ alt=””/>

Read more

‘Fleeceware’ apps overcharge users for basic app functionality

Credit to Author: Jagadeesh Chandraiah| Date: Wed, 25 Sep 2019 14:01:49 +0000

Unscrupulous publishers take advantage of Play Market policy loopholes to charge app users hundreds of dollars<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/JvVQVZv0-tI” height=”1″ width=”1″ alt=””/>

Read more

August, 2019 Patch Tuesday Targets Remote Desktop and Active Directory

Credit to Author: SophosLabs Offensive Security| Date: Fri, 30 Aug 2019 16:28:14 +0000

Among the 94 vulnerabilities fixed this month by Microsoft, 29 are rated as Critical. Most importantly, the Remote Desktop Protocol (RDP) and its associated service (RDS) collect a total of 6 CVEs, which seems to show a renewed interest in the RDP protocol by vulnerability researchers; two of those classified as wormable (CVE-2019-1181 and CVE-2019-1182) [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/1hDq4cmGQ80″ height=”1″ width=”1″ alt=””/>

Read more

‘Oto Gonderici’ Excel formula injections target Turkish victims

Credit to Author: Gabor Szappanos| Date: Thu, 11 Jul 2019 16:05:59 +0000

A criminal relentlessly attacks Turkish targets with a novel maldoc trick, mostly staying under the radar<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/FKW687qu7ac” height=”1″ width=”1″ alt=””/>

Read more

A new Equation Editor exploit goes commercial, as maldoc attacks using it spike

Credit to Author: Gabor Szappanos| Date: Thu, 18 Jul 2019 16:00:18 +0000

Weaponized RTF documents adopt CVE-2018-0798, another Equation Editor vulnerability<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/ltjXsAajVFc” height=”1″ width=”1″ alt=””/>

Read more