■■■■□ Windows 11 will let you run Android apps directly on the desktop.
● This could be a goldmine for system compromise, if anything is done improperly by the devs.
https://www.bleepingcomputer.com/news/microsoft/windows-11-will-let-you-run-android-apps-directly-on-the-desktop/
● This could be a goldmine for system compromise, if anything is done improperly by the devs.
https://www.bleepingcomputer.com/news/microsoft/windows-11-will-let-you-run-android-apps-directly-on-the-desktop/
BleepingComputer
Windows 11 will let you run Android apps directly on the desktop
With Microsoft's announcement of Windows 11 today, they also revealed that users would soon be able to run Android apps directly on the desktop.
■■■■□ CVE-2021-21999: VMware Workstation Tools Uncontrolled Search Path Element Local Privilege Escalation Vulnerability.
https://www.zerodayinitiative.com/advisories/ZDI-21-754/
https://www.vmware.com/security/advisories/VMSA-2021-0013.html
Credits: Zeeshan Shaikh ( https://www.bugzzzhunter.com/ )
https://www.zerodayinitiative.com/advisories/ZDI-21-754/
https://www.vmware.com/security/advisories/VMSA-2021-0013.html
Credits: Zeeshan Shaikh ( https://www.bugzzzhunter.com/ )
■■■□□ A "high-level" member of FIN7 has been sentenced to a seven-year term for his role in the cybercriminal group.
https://www.zdnet.com/article/pen-tester-fin7-hacking-group-member-sent-behind-bars-for-seven-years
https://www.zdnet.com/article/pen-tester-fin7-hacking-group-member-sent-behind-bars-for-seven-years
ZDNet
‘Pen tester’ FIN7 hacking group member lands seven-year prison term
The “high-level” member must also pay $2.5 million in damages.
■■■■□ Western Digital critical flaw allows remote wiping via reset functionality abuse.
https://go.theregister.com/feed/www.theregister.com/2021/06/25/western_digital_nas_wiped/
https://go.theregister.com/feed/www.theregister.com/2021/06/25/western_digital_nas_wiped/
The Register
Pull your Western Digital My Book Live NAS off the internet now if you value your files
Storage giant fingers 'critical' bug allowing remote factory resets that wipe contents
■■■■□ Dell SecureAssist contained RCE flaw allowing miscreants to remotely reflash your BIOS with code of their creation.
https://go.theregister.com/feed/www.theregister.com/2021/06/25/dell_secureassist_biosconnect_vulns_rce/
https://go.theregister.com/feed/www.theregister.com/2021/06/25/dell_secureassist_biosconnect_vulns_rce/
The Register
Dell SupportAssist contained RCE flaw allowing miscreants to remotely reflash your BIOS with code of their creation
And it affects 129 models of PC and laptop... or about 30 million computers
■■■■□ Microsoft admits to signing rootkit malware in supply-chain fiasco.
https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/
https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/
BleepingComputer
Microsoft admits to signing rootkit malware in supply-chain fiasco
Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control IPs.
■■■□□ DFIR – Windows and Active Directory persistence and malicious configurations.
https://m365internals.com/2021/06/23/dfir-windows-and-active-directory-persistence-and-malicious-configurations/amp/
https://m365internals.com/2021/06/23/dfir-windows-and-active-directory-persistence-and-malicious-configurations/amp/
■■■□□ REvil Hits French Connection, Grupo Fleury.
https://securityboulevard.com/2021/06/revil-hits-french-connection-grupo-fleury/
https://securityboulevard.com/2021/06/revil-hits-french-connection-grupo-fleury/
Security Boulevard
REvil Hits French Connection, Grupo Fleury
The REvil ransomware gang continues its destructive trek around the globe, routing out and exploiting vulnerabilities at (often) high-profile targets. One
■■■□□ Hackers target Cisco ASA devices after a PoC exploit code was published online.
https://securityaffairs.co/wordpress/119442/hacking/cisco-asa-under-attack.html
https://securityaffairs.co/wordpress/119442/hacking/cisco-asa-under-attack.html
Security Affairs
Hackers target Cisco ASA after a PoC exploit code was published online
Experts warn of attacks against Cisco ASA devices after researchers have published a PoC exploit code on Twitter for a known XSS flaw.
■■■□□ An open-source application called WhyNotWin11 acts as a better drop-in replacement for Microsoft's PC Health Check app to determine if your hardware is compatible with Windows 11.
■■□□□ Russia 🇷🇺: Microsoft: Russia-linked SolarWinds hackers breached three new entities.
https://securityaffairs.co/wordpress/119425/apt/solarwinds-nobelium-ongoing-campaign.html
https://securityaffairs.co/wordpress/119425/apt/solarwinds-nobelium-ongoing-campaign.html
Security Affairs
Microsoft: Russia-linked SolarWinds hackers breached three new entities
Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations.
■■■■□ Black Shadow group that hacked the Israeli 🇮🇱 insurance company and leaked data of millions of its citizens hosts their website sharing the data publicly.
https://blackshadow.to/
https://blackshadow.to/
■■■□□ 📢 The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines.
■■■■□ Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-cve-2021-1665-remote-code-execution-vulnerability-in-windows-gdi/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/analyzing-cve-2021-1665-remote-code-execution-vulnerability-in-windows-gdi/
McAfee Blog
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+ | McAfee Blog
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on
■■■■■ PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://github.com/afwu/PrintNightmare
https://github.com/afwu/PrintNightmare
■■■■□ Microsoft Edge Translator contained uXSS flaw exploitable ‘on any web page’.
https://portswigger.net/daily-swig/microsoft-edge-translator-contained-uxss-flaw-exploitable-on-any-web-page
https://portswigger.net/daily-swig/microsoft-edge-translator-contained-uxss-flaw-exploitable-on-any-web-page
portswigger.net
Web Application Security, Testing, & Scanning - PortSwigger
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.