A serious flaw that’s existed in Microsoft’s Windows DNS Server for as many as 17 years could be abused to acquire Domain Administrator privileges and affect the whole commercial infrastructure behind it. Tracked as CVE-2020-1350 and named SIGRed, the vulnerability is a remote code execution that impacts Windows Server versions Continue Reading
On Tuesday, technology giant Microsoft came up with two out-of-band security updates to fix two flaws in the Microsoft Windows Codecs Library. The two bugs, tracked as CVE-2020-1425 & CVE-2020-1457, only affect Windows 10 and Windows Server 2019 distributions. The software behemoth said the two security vulnerabilities can be abused with the Continue Reading
Microsoft’s security department released a string of tweets cautioning organizations to deploy defenses against a new section of ransomware called PonyFinal that has existed over the last two months. A Java-based ransomware that threat actors manually distribute, PonyFinal first emerged in the threat scene earlier this year and perpetrated highly Continue Reading
Information on five unpatched flaws in Microsoft Windows, including four believed to be high risk, has been published by security researchers working with Trend Micro’s Zero Day Initiative (ZDI). The first three of these zero-day flaws—tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915—could let a hacker to intensify privileges on the compromised Continue Reading
A Dutch investigator Björn Ruytenberg has listed nine attack situations that work against all computers with Thunderbolt shipped since 2011, which provide a hacker with physical access to swiftly snip data from encoded drives and memory. In a report published on Sunday, Ruytenberg warned that the attacks work even when Continue Reading
By