What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Exploit

APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies

Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks. China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon bug to stage attacks against their targets. In this case, victims are large and well-known Japanese organizations and their subsidiaries, . . . Read more

S3 Ep5: Chrome, Flash and malware for sale [Podcast]

by Paul Ducklin In this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair. Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro . . . Read more

Oracle Solaris Zero-Day Attack Revealed

A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw. A previously known threat group, called UNC1945, has been compromising telecommunications companies and targeting financial and professional consulting industries, by exploiting a security flaw in Oracle’s Solaris operating system. Researchers said that . . . Read more

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that’s been a persistent worry to both the company and the U.S. government over the last few months. Both on Thursday renewed . . . Read more

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.