Zero-Day Windows Vulnerability Enables Threat Actors To Gain Admin Rights
What Happened? Security researcher Abdelhamid Naceri discovered a privilege escalation vulnerability in Microsoft Windows that can give admin rights to threat actors. The vul...
Read MoreMicrosoft MSHTML CVE-2021-40444 Zero-Day Targets Windows Users
What Happened Microsoft, Mandiant and EXPMON researchers discovered a set of flaws in MSHTML (Internet Explorer’s browser engine) that remote, unauthenticated attackers can use ...
Read MoreNTLM Relay Attack PetitPotam Targets AD Certificate Services
What Happened? Lionel Gilles, a French-based Offensive Computer Security researcher at Sogeti, an IT services company based in Paris, France (@topotam77 on Twitter), recently publ...
Read MoreSAM Database Accessible To Non-Admins In Windows 10 (aka HiveNightmare)
What Happened? On July 13, Microsoft released CVE-2021-33757, which enabled AES encryption by default to the remote protocol connection for MS-SAMR to mitigate the downgrade to RC...
Read MoreLessons Learned From REvil’s Ransomware Attack On Kaseya
On Friday, July 2, a vulnerability in Kaseya’s on-premises VSA software was used to launch a REvil “supply-chain” ransomware attack. The attack impacted 50 MSPs and up to 1,5...
Read MoreVerizon’s DBIR 2021 Highlights Threat Detection and Response
The 2021 edition of Verizon’s Data Breach Investigations Report (DBIR) highlighted the rise of ransomware and the importance of security monitoring, among other key cybersecurity...
Read More