Latest News

Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.

Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Untrusted pointer dereference in Agere Windows Modem Driver allows an authorized attacker to elevate privileges locally.

No cwe for this issue in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains. "TA585 is notable because it

With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted.