Security News > 2020 > March > Week in review: Python backdoor attacks, Windows zero-days under attack, crowdsourced pentesting
Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems.
Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.
Python backdoor attacks and how to prevent themPython backdoor attacks are increasingly common.
Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region.
Crowdsourced pentesting is not without its issuesCrowdsourced security isn't new anymore, having existed in one form or another as a consumable enterprise service since 2013 with the launch of the main crowdsourced platforms.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/3rxzDN8M32o/
Related news
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)