Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2022-33636: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 104.0.1293.47 8/5/2022 104.0.5112.79/80/81

Microsoft Security Response Center
Open in Source
#vulnerability#web#microsoft#rce#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2022-37030: security - gromox: potential local privilege escalation (CVE-2022-37030)

Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

How Email Security Is Evolving

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

Unprotected Snapchat and Amex sites lead to credential harvesting

By Deeba Ahmed Open-Redirect vulnerabilities in American Express and Snapchat are being exploited to carry out phishing scams, researchers have revealed.… This is a post from HackRead.com Read the original post: Unprotected Snapchat and Amex sites lead to credential harvesting

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

New Woody RAT Malware Being Used to Target Russian Organizations

An unknown threat actor has been targeting Russian entities with a newly discovered remote access trojan called Woody RAT for at least a year as part of a spear-phishing campaign. The advanced custom backdoor is said to be delivered via either of two methods: archive files and Microsoft Office documents leveraging the now-patched "Follina" support diagnostic tool vulnerability (CVE-2022-30190)

VirusTotal Reveals Apps Most Exploited by Hackers to Spread Malware

By Deeba Ahmed According to the latest research findings from VirusTotal, cybercriminals and threat actors are increasingly relying on mimicked versions… This is a post from HackRead.com Read the original post: VirusTotal Reveals Apps Most Exploited by Hackers to Spread Malware

Woody RAT: A new feature-rich malware spotted in the wild

The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities. The post Woody RAT: A new feature-rich malware spotted in the wild appeared first on Malwarebytes Labs.