CIS has released its Malicious Domain Blocking and Reporting Plus (MDBR+) service to help SLTTs and private hospitals strengthen their web security.[…]
Daily Archives: March 17, 2023
Russian Military Preparing New Destructive Attacks: Microsoft
Vishing Campaign Targets Social Security Administration
Two Patch Tuesday flaws you should fix right now
Microsoft released its monthly security bulletin this week, covering patches for over 80 vulnerabilities across its products. However, two of them had already been used by attackers before patches were released.
One vulnerability affects all supported versions of Outlook for Windows and allows attackers to steal Net-NTLMv2 hashes and then use them in NTLM (New Technology LAN Manager) relay attacks against other systems. The second allows attackers to bypass Microsoft SmartScreen, a technology built into Windows that performs checks on files downloaded from the internet through browsers.
NTLM hash-stealing flaw exploited by Russian state-sponsored APT
The Outlook vulnerability, tracked as CVE-2023-23397, is described by Microsoft as an elevation of privilege and is rated critical (9.8 out of 10 on the CVSS scale). Unlike remote code execution vulnerabilities, EoP vulnerabilities are rarely critical because they can’t typically be exploited remotely and the attacker already needs to have some lower privileges on the system.
flatpak-1.15.4-1.fc38
FEDORA-2023-508e400dec
Packages in this update:
flatpak-1.15.4-1.fc38
Update description:
Update to 1.15.4
Fix CVE-2023-28100 and CVE-2023-28101
CVE-2021-21548
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim’s traffic to view or modify a victim’s data in transit.
Defense in depth — the Microsoft way (part 83): instead of fixing even their most stupid mistakes, they spill barrels of snakeoil to cover them (or just leave them as-is)
Posted by Stefan Kanthak on Mar 16
Hi @ll,
with Windows 2000, Microsoft virtualised the [HKEY_CLASSES_ROOT] registry
branch: what was just an alias for [HKEY_LOCAL_MACHINE\SOFTWARE\Classes]
before became the overlay of [HKEY_LOCAL_MACHINE\SOFTWARE\Classes] and
[HKEY_CURRENT_USER\Software\Classes] with the latter having precedence:
<https://msdn.microsoft.com/en-us/library/ms724498.aspx>
Note: while [HKEY_LOCAL_MACHINE\SOFTWARE\Classes] is writable only by…
[CFP] Security BSides Ljubljana 0x7E7 | June 16, 2023
Posted by Andraz Sraka on Mar 16
DSA-5375 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or
spoofing.