Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2023-36020: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Microsoft Security Response Center
Open in Source
#xss#vulnerability#microsoft#Microsoft Dynamics#Security Vulnerability
CVE-2023-36006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

CVE-2023-35639: Microsoft ODBC Driver Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that the adversary's Lua-based malware LuaDream and KEYPLUG have been

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation Blacksmith, noting the use of three DLang-based

Insights into your unpatched vulnerabilities

Malwarebytes is offering customers its ThreatDown Vulnerability Assessment solution without extra costs to help reduce attack surfaces and improve their security posture

New PoolParty Process Injection Techniques Outsmart Top EDR Solutions

A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all processes without any limitations, making them more flexible than existing process

Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer

By Waqas Received an email about a hotel reservation you didn't book? It's likely a phishing attempt delivering the MrAnon Stealer malware. This is a post from HackRead.com Read the original post: Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer

CVE-2023-50446: Set permissions on log directory by Jontified · Pull Request #5398 · mullvad/mullvadvpn-app

An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM.