β CVE-2018-8440 β Task Scheduler ALPC Zero-Day Exploit in the Wild β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 1 minuteThe recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context of the local system. About the vulnerability CVE-2018-8440 is a local privilege escalation vulnerability in the Windows Task Schedulerβs Advanced Local Procedure Call (ALPC) interface. The ALPC endpoint in Windows task scheduler exports the SchRpcSetSecurity function, which allows us to set an arbitrary DACL without checking permissions. Exploiting the vulnerability ultimately allows a local unprivileged user to change the permissions of any file on the system. The exploit code release was announced on twitter, on 27th August 2018, by a security researcher who goes with the handle βSandboxEscaperβ. Within days, PowerPool malware was found using the exploit to infect users. Vulnerable versions Windows 7 Windows 8.1 Windows 10 Windows Server 2008, 2012 and 2016 Quick Heal detection Quick Heal has released the following detection for the vulnerability CVE-2018-8440: Trojan.Win64 Trojan.IGeneric Quick Heal Security Labs is actively looking for new in-the-wild exploits for this vulnerability and ensuring coverage for them. References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8440 Subject Matter Experts Sameer Patil | Quick Heal Security Labs The post CVE-2018-8440 β Task Scheduler ALPC Zero-Day Exploit in the Wild appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog
CVE-2018-8440 β Task Scheduler ALPC Zero-Day Exploit in the Wild
The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted...
π Awful military and government LinkedIn passwords highlight need for 2FA, new policies π
π Read
via "Security on TechRepublic".
Password inadequacy remains a top threat in internet security, according to a new report from WatchGuard Technologies.π Read
via "Security on TechRepublic".
TechRepublic
Awful military and government LinkedIn passwords highlight need for 2FA, new policies
Password inadequacy remains a top threat in internet security, according to a new report from WatchGuard Technologies.
π BlackBerry's ambitious target: Protecting everything from smartphones to cities π
π Read
via "Security on TechRepublic".
BlackBerry Security Summit London: CEO John Chen details how the company wants to harness machine learning and AI.π Read
via "Security on TechRepublic".
TechRepublic
BlackBerry's ambitious target: Protecting everything from smartphones to cities
BlackBerry Security Summit London: CEO John Chen details how the company wants to harness machine learning and AI.
π΄ 8 Cryptomining Malware Families to Keep on the Radar π΄
π Read
via "Dark Reading: ".
Cryptojacking attacks at the hands of cryptomining malware is on the rise as these variants of Trojans, worms, and exploit kits make their rounds.π Read
via "Dark Reading: ".
Dark Reading
Slideshows - Dark Reading
Dark Reading: Connecting The Information Security Community. Explore our slideshows.
β Osiris Banking Trojan Displays Modern Malware Innovation β
π Read
via "The first stop for security news | Threatpost ".
Osirisβ fundamental makeup positions it in the fore of malware trends, despite being based on old source code thatβs been knocking around for years.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Osiris Banking Trojan Displays Modern Malware Innovation
Osirisβ fundamental makeup positions it in the fore of malware trends, despite being based on old source code thatβs been knocking around for years.
β Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw β
π Read
via "The first stop for security news | Threatpost ".
A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw
A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched.
π΄ Mobile Attack Rates Up 24% Globally, 44% in US π΄
π Read
via "Dark Reading: ".
One-third of all fraud targets are mobile, a growing source of all digital transactions.π Read
via "Dark Reading: ".
Dark Reading
Mobile Security recent news | Dark Reading
Explore the latest news and expert commentary on Mobile Security, brought to you by the editors of Dark Reading
π Use Android Pie lockdown mode π
π Read
via "Security on TechRepublic".
Jack Wallen activates and enables Android Pie's new lockdown mode.π Read
via "Security on TechRepublic".
TechRepublic
Use Android Pie lockdown mode
Jack Wallen activates and enables Android Pie's new lockdown mode.
π΄ 4 Trends Giving CISOs Sleepless Nights π΄
π Read
via "Dark Reading: ".
IoT attacks, budget shortfalls, and the skills gap are among the problems keeping security pros up at night.π Read
via "Dark Reading: ".
Darkreading
4 Trends Giving CISOs Sleepless Nights
IoT attacks, budget shortfalls, and the skills gap are among the problems keeping security pros up at night.
π΄ New Study Details Business Benefits of Biometrics π΄
π Read
via "Dark Reading: ".
Biometric authentication can be good for security and for business, according to a new study from Goode Intelligenceπ Read
via "Dark Reading: ".
Dark Reading
New Study Details Business Benefits of Biometrics
Biometric authentication can be good for security and for business, according to a new study from Goode Intelligence
β PowerShell Obfuscation Ups the Ante on Antivirus β
π Read
via "The first stop for security news | Threatpost ".
The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods.π Read
via "The first stop for security news | Threatpost ".
Threat Post
PowerShell Obfuscation Ups the Ante on Antivirus
The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods.
π΄ Creators of Tools for Building Malicious Office Docs Ditch Old Exploits π΄
π Read
via "Dark Reading: ".
In their place is a collection of new exploits for more recently disclosed - and therefore not likely widely patched - vulnerabilities.π Read
via "Dark Reading: ".
Dark Reading
Creators of Tools for Building Malicious Office Docs Ditch Old Exploits
In their place is a collection of new exploits for more recently disclosed - and therefore not likely widely patched - vulnerabilities.
π΄ Malware Campaign Targeting Jaxx Wallet Holders Shut Down π΄
π Read
via "Dark Reading: ".
A site spoofing the official Jaxx website was discovered packing several infections for Windows and Mac machines, and has been shut down.π Read
via "Dark Reading: ".
Darkreading
Malware Campaign Targeting Jaxx Wallet Holders Shut Down
A site spoofing the official Jaxx website was discovered packing several infections for Windows and Mac machines, and has been shut down.
π Facebook data privacy scandal: A cheat sheet π
π Read
via "Security on TechRepublic".
Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.π Read
via "Security on TechRepublic".
TechRepublic
Facebook data privacy scandal: A cheat sheet
Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.
π΄ Modular Malware Brings Stealthy Attacks to Former Soviet States π΄
π Read
via "Dark Reading: ".
A new malware technique is making phishing attacks harder to spot when they succeed.π Read
via "Dark Reading: ".
Darkreading
Modular Malware Brings Stealthy Attacks to Former Soviet States
A new malware technique is making phishing attacks harder to spot when they succeed.
β Update now! Microsoftβs September 2018 Patch Tuesday is here β
π Read
via "Naked Security".
Septemberβs Patch Tuesday is upon Windows users - 61 CVEs, 17 flaws rated as critical, a zero-day and a flaw affecting Adobe Flash Player.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β California bill regulates IoT for first time in US β
π Read
via "Naked Security".
California looks set to regulate IoT devices, becoming the first US state to do so and beating the Federal Government to the post.π Read
via "Naked Security".
Naked Security
California bill regulates IoT for first time in US
California looks set to regulate IoT devices, becoming the first US state to do so and beating the Federal Government to the post.
β Experts Bemoan Shortcomings with IoT Security Bill β
π Read
via "The first stop for security news | Threatpost ".
The infosec community say California's IoT security bill is "nice," but doesn't hit on the important issues.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Experts Bemoan Shortcomings with IoT Security Bill
The infosec community say Californiaβs IoT security bill is βnice,β but doesnβt hit on the important issues.
β Street gang members indicted for stealing POS terminals β
π Read
via "Naked Security".
...and using the credit card terminals to allegedly issue themselves fraudulent returns and to steal taxpayer IDs and bank info.π Read
via "Naked Security".
Naked Security
Street gang members indicted for stealing POS terminals
β¦and using the credit card terminals to allegedly issue themselves fraudulent returns and to steal taxpayer IDs and bank info.
β Veeam leaves MongoDB database wide open, exposes 445m records β
π Read
via "Naked Security".
The data-management firm's customer database held names, email addresses, some IP addresses and more: a wealth of ammo for phishers.π Read
via "Naked Security".
Naked Security
Veeam leaves MongoDB database wide open, exposes 445m records
The data-management firmβs customer database held names, email addresses, some IP addresses and more: a wealth of ammo for phishers.
π΄ The Increasingly Vulnerable Software Supply Chain π΄
π Read
via "Dark Reading: ".
Nation-state adversaries from Iran to Russia have leveraged the supply chain as a vehicle to compromise infrastructure and disrupt businesses.π Read
via "Dark Reading: ".
Darkreading
The Increasingly Vulnerable Software Supply Chain
Nation-state adversaries from Iran to Russia have leveraged the supply chain as a vehicle to compromise infrastructure and disrupt businesses.