Security News > 2020 > March > Week in review: Python backdoor attacks, Windows zero-days under attack, crowdsourced pentesting
Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems.
Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.
Python backdoor attacks and how to prevent themPython backdoor attacks are increasingly common.
Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region.
Crowdsourced pentesting is not without its issuesCrowdsourced security isn't new anymore, having existed in one form or another as a consumable enterprise service since 2013 with the launch of the main crowdsourced platforms.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/3rxzDN8M32o/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)