Latest News

2021/05/13

Wormable Windows Bug Opens Door to DoS, RCE

Microsoft’s May Patch Tuesday release addressed a modest 55 cybersecurity vulnerabilities, including just four critical bugs. It’s the smallest monthly update from the computing giant since 2020, but it does contain a patch for a concerning wormable vulnerability found in the Windows OS.

The good news is that none of the vulnerabilities are being actively exploited in the wild, according to Microsoft, though three are listed as publicly known.
2021/05/10

Major U.S. Pipeline Crippled in Ransomware Attack

Colonial Pipeline Company says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halted all pipeline operations.

A ransomware attack is being blamed for halting pipeline activities for the Colonial Pipeline Company, which supplies the East Coast with roughly 45 percent of it liquid fuels.

In a statement released Saturday, the Colonial Pipeline Company said it temporarily halted pipeline operations in response to a cyberattack impacting the company on Friday.
2021/05/05

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Researchers on Tuesday disclosed a novel Pingback Malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems.

Called ‘Pingback,’ the Windows malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications, allowing the adversary to utilize ICMP packets to piggyback attack code, according to an analysis published today by Trustwave.
2021/05/04

New Attacks Slaughter All Spectre Defenses

All defenses against Spectre side-channel attacks can now be considered broken, leaving billions of computers and other devices just as vulnerable today as they were when the hardware flaw was first announced three years ago.

A paper published on Friday by a team of computer scientists from the University of Virginia and the University of California, San Diego, describes how all modern AMD and Intel chips with micro-op caches are vulnerable to this new line of attack, given that it breaks all defenses. That includes all Intel chips that have been manufactured since 2011, which all contain micro-op caches.
2021/05/04

Researchers Explore Active Directory Attack Vector

Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.
Active Directory is a massive and complex attack surface that has long been a prime target for criminals seeking valuable privileges and data. Incident responders find the service is involved in the bulk of attacks they investigate, underscoring major security challenges for defenders.