Security News

A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "Won't fix." Kerberos has superseded NTLM, the current default auth protocol for domain-connected devices for all Windows 2000 and later.

Microsoft's first Patch Tuesday of 2022 has, for some folk, broken Hyper-V and sent domain controllers into boot loops. As well as the broken Hyper-V, popular tech blog Born City noted problems with boot loops on domain controllers, with other versions of Windows Server affected.

Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes for iOS and iPadOS 15.2.1, termed it as a "Resource exhaustion issue" that could be triggered when processing a maliciously crafted HomeKit accessory name, adding it addressed the bug with improved validation.

Today is Microsoft's January 2022 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 97 flaws. [...]

Ransomware attacks decrease, operators started rebrandingPositive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. How can SMBs extend their SecOps capabilities without adding headcount?While cybersecurity budgets are rising, most small and some midsize organizations looking to employ skilled cybersecurity professionals are often unable to match salaries offered by big enterprises in a job market where demand outstrips supply.

Even though Apache released the zero-day fix for CVE-2021-44228, it takes a while for companies who use this library to update, test, and release a new version. January 2022 Patch Tuesday forecast I mentioned Microsoft has been busy addressing several issues already this year, so we may see more than the 29 and 30 vulnerabilities addressed in Windows 11 and 10 respectively.

Google has rolled out the first round of updates to its Chrome web browser for 2022 to fix 37 security issues, one of which is rated Critical in severity and could be exploited to pass arbitrary code and gain control over a victim's system. Security researcher Yangkang of Qihoo 360 ATA, who has previously disclosed zero-day vulnerabilities in Apple's WebKit, has been credited with discovering and reporting the flaw on November 30, 2021.

The Apache Software Foundation on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming to be discovered in the tool in the span of a month. While Log4j versions 1.x are not affected, users are recommended to upgrade to Log4j 2.3.2, 2.12.4, or 2.17.1.

A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation of the attacker's abuse of the CVE-2021-40444 bug and demonstrate that even a patch can't always mitigate the actions of a motivated and sufficiently skilled attacker," SophosLabs researchers Andrew Brandt and Stephen Ormandy said in a new report published Tuesday.

The Log4j saga: New vulnerabilities and attack vectors discoveredThe Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell was fixed by releasing Log4j v2.15.0. Cyber insurance trends: Insurers and insurees must adapt equally to growing threatsIn this interview with Help Net Security, Avi Bashan, CTO at Kovrr, talks about cyber insurance trends and how the growing threat landscape impacted both insurers and insurees.