Fuzzing Image Parsing in Windows, Part One: Color Profiles
Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to remote code...
Release the Kraken: Fileless injection into Windows Error Reporting service
We discovered a new attack that injected its payload—dubbed "Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.
This blog post was authored by Hossein Jazi...
Detecting Microsoft 365 and Azure Active Directory Backdoors
Mandiant has seen an uptick in incidents involving Microsoft 365 (M365) and Azure Active Directory (Azure AD). Most of these incidents are the result of a phishing email coercing...
Chaos in a cup: When ransomware creeps into your smart coffee maker
This International Coffee Day, we looked at coffee machines that helped bring down a network of systems. Who would've guessed?
When the fledgling concept of the Internet of...
VideoBytes: Ransomware gets wasted!
On today's VideoBytes, we look at how ransomware is on the rise, attacking corporations with malware that not only encrypts files, but also steals it.
Hello dear readers, and...
Technical Advisory – Lansweeper Privilege Escalation via CSRF Using HTTP Method Interchange (CVE-2020-13658)
Vendor: Lansweeper Software
Vendor URL: https://www.lansweeper.com/
Versions affected: 8.0.130.17 known affected versions, others likely
Systems Affected: Windows 10
Authors: Joshua Dow , Daniel King
Advisory URL / CVE Identifier: CVE-2020-13658
Risk: High
Summary:
Lansweeper is an...
Technical Advisory – Pulse Connect Secure – RCE via Template Injection (CVE-2020-8243)
Vendor: Pulse Secure
Vendor URL: https://www.pulsesecure.net/
Versions affected: Pulse Connect Secure (PCS) 9.1Rx or below, Pulse Policy Secure (PPS) 9.1Rx or below
Systems Affected: Pulse Connect Secure (PCS) Appliances
Authors: Richard Warren -...
Eastern Europe’s sixth-largest crypto service is a darknet market
Blockchain forensics firm Chainalysis has found that darknet markets exert a disproportionate presence in Eastern Europe’s crypto sector.In an excerpt from Chainalysis’ 2020 Geography of Cryptocurrency Report, the firm...
Darknet, cryptocurrency and two intersecting health crises
While the precise origin of the COVID-19 pandemic is unknown, it has infected more than 30 million people, with almost 1 million confirmed to have died from it as...
How to Pinpoint Rogue IoT Devices on Your Network
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.A Raspberry Pi floating on your network may not be cause for concern – at...
