Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Credit to Author: Katie McCafferty | Date: Sat, 01 Oct 2022 04:21:00 +0000

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

Credit to Author: Paul Oliveria | Date: Wed, 13 Jul 2022 16:00:00 +0000

Microsoft uncovered a vulnerability in macOS that could allow specially crafted code to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and a fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.

The post Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 appeared first on Microsoft Security Blog.

Security vulnerabilities: 5 times that organizations got hacked

Credit to Author: Bill Cozens | Date: Tue, 21 Jun 2022 10:04:02 +0000

In this post, we break down 5 times hackers used security vulnerabilities in 2021 to attack governments and businesses.

The post Security vulnerabilities: 5 times that organizations got hacked appeared first on Malwarebytes Labs.

Sysrv botnet is out to mine Monero on your Windows and Linux servers

Credit to Author: Pieter Arntz | Date: Wed, 18 May 2022 12:55:00 +0000

The Sysrv botnet has been developing over recent years and has become a multi-platform botnet that specializes in Monero cryptomining.

The post Sysrv botnet is out to mine Monero on your Windows and Linux servers appeared first on Malwarebytes Labs.

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Credit to Author: Katie McCafferty | Date: Tue, 26 Apr 2022 16:00:00 +0000

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.

The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog.

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

Credit to Author: Paul Oliveria | Date: Tue, 05 Apr 2022 01:11:24 +0000

Microsoft provides guidance for customers looking to protect against exploitation of the critical vulnerability CVE-2022-22965, also known as SpringShell or Spring4Shell, and to detect vulnerable installations on their network.

The post SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 appeared first on Microsoft Security Blog.
