Security News > 2020 > March > Week in review: Python backdoor attacks, Windows zero-days under attack, crowdsourced pentesting
Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems.
Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.
Python backdoor attacks and how to prevent themPython backdoor attacks are increasingly common.
Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region.
Crowdsourced pentesting is not without its issuesCrowdsourced security isn't new anymore, having existed in one form or another as a consumable enterprise service since 2013 with the launch of the main crowdsourced platforms.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/3rxzDN8M32o/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- New Windows Themes zero-day gets free, unofficial patches (source)
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)