Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2024-21302: Windows Secure Kernel Mode Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Microsoft Security Response Center
#vulnerability#windows#Windows Secure Kernel Mode#Security Vulnerability
Attackers Use Multiple Techniques to Bypass Reputation-Based Security

Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.

Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks

Concert Ticket Reservation System 1.0 SQL Injection

Concert Ticket Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Codeprojects E-Commerce 1.0 Cross Site Scripting

Codeprojects E-Commerce version 1.0 suffers from a cross site scripting vulnerability.

Blog Site 1.0 Cross Site Scripting

Blog Site version 1.0 suffers from a cross site scripting vulnerability.

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs. Both the libraries did not attract

Magniber ransomware targets home users

Home users are being targeted by a ransomware called Magniber which locks up files and demands money for the key.

Congratulations to the MSRC 2024 Most Valuable Security Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s 100 Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report.