Author: nlqip
MS-ISAC ADVISORY NUMBER: 2024-084 DATE(S) ISSUED: 07/23/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated…
Read More
‘I think we are in this phase where we have to deeply work and make sure on these use cases and these work flows we are driving deeper progress in unlocking value, which I’m bullish will happen. But these things take time,’ says Alphabet CEO Sundar Pichai. Google parent company Alphabet is uniquely well-positioned for…
Read More
The Chinese hacking group tracked as ‘Evasive Panda’ was spotted using new versions of the Macma backdoor and the Nightdoor Windows malware. Symantec’s threat hunting team spotted the cyber espionage attacks targeting organizations in Taiwan and an American non-governmental organization in China. In the latter case, Evasive Panda (aka ‘Daggerfly’ or ‘Bronze Highland’) exploited a…
Read More
Threat actors are taking advantage of the massive popularity of the Hamster Kombat game, targeting players with fake Android and Windows software that install spyware and information-stealing malware. Hamster Kombat is a clicker mobile game for Android where players earn fictional currency by completing simple tasks, primarily by tapping the screen. Launched in March 2024,…
Read More
As Jim Jackson, a 26-year HPE and HP veteran, prepares to retire August 1, his responsibilities will be combined with HPE’s chief communications officer under Jennifer Temple, who going forward will be HPE’s executive vice president and chief marketing and communications officer. Hewlett Packard Enterprise Tuesday said it will combine its chief marketing officer and…
Read More
Microsoft has released the July 2024 preview update for Windows 10, version 22H2, with fixes for Windows Defender Application Control (WDAC) issues causing app crashes and system memory exhaustion. KB5040525 is a monthly optional cumulative update that helps Windows administrators test fixes and improvements that will be included with the August 2024 Patch Tuesday release.…
Read More
Despite 10 percent revenue growth in its second quarter, the application giant now says the corporate-wide restructuring of the company’s workforce, launched earlier this year, will affect as many as 10,000 employees, up from earlier estimates of 8,000 jobs. Software developer SAP says the number of jobs impacted by a restructuring plan launched in January…
Read More
Anatomy of the Ukrainian attack In the Ukrainian attack, investigators believe that hackers broke into the district energy company’s network by exploiting a vulnerability in a Mikrotik router, with the initial access happening in April 2023. They then deployed a webshell on the router’s web server to enable remote access and tunnel into the network.…
Read More
Many questions remain about the ultimate cause of the outage and the impact it will have on CrowdStrike going forward. While progress continued to be made on the recovery from the CrowdStrike-caused global IT outage Tuesday, many questions remain. The cybersecurity giant’s defective configuration update led to the “blue screen of death” for Microsoft Windows…
Read More
ESET Research ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos 22 Jul 2024 • , 6 min. read ESET researchers discovered a zero-day exploit that targets Telegram for Android, which appeared for sale for an unspecified price in an underground forum post from June 6th, 2024.…
Read More