Security News

Google has released proof-of-concept exploit code, which leverages the Spectre attack against the Chrome browser to leak data from websites. Three years after the Spectre attack was first disclosed, researchers with Google have now released a demonstration website that leverages the attack, written in JavaScript, to leak data at a speed of 1 kilobyte per second when running on Chrome 88 on an Intel Skylake CPU. The researchers said they hope the PoC will light a fire under web application developers to take active steps to protect their sites.

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.

Google last week announced the release of proof-of-concept code designed to exploit the notorious Spectre vulnerability and leak information from web browsers. In 2019, the Google team responsible for Chrome's V8 JavaScript engine said that the attack can't be mitigated at the software level, arguing that security boundaries in browsers should be aligned with low-level primitives, such as process-based isolation.

While there is no concrete explanation for the widespread exploitation by so many different groups, speculations are that the adversaries shared or sold exploit code, resulting in other groups being able to abuse these vulnerabilities, or that the groups obtained the exploit from a common seller. For its part, the Dutch Institute for Vulnerability Disclosure reported Tuesday that it found 46,000 servers out of 260,000 globally that were unpatched against the heavily exploited ProxyLogon vulnerabilities.

Since Microsoft disclosed actively exploited Microsoft Exchange security vulnerabilities, known collectively as ProxyLogon, administrators and security researchers have been scrambling to protect vulnerable servers exposed on the Internet. The PoC provided enough information that security researchers and threat actors could use it to develop a functional remote code execution exploit for Microsoft Exchange servers.

Software giant Microsoft Corp. has launched an investigation to determine whether one of its flagship information-sharing programs sprung a leak that led to the widespread exploitation of Exchange server deployments around the world. According to a bombshell report in the Wall Street Journal, Redmond is looking closely at its Microsoft Active Protections Program to figure out if an anti-malware partner in China leaked proof-of-concept code ahead of the availability of security updates.

Google has published JavaScript proof-of-concept code to demonstrate the practicality of using Spectre exploits targeting web browsers to access information from a browser's memory. According to the Google Security Team, the PoC shared today works across a wide range of processor architectures, operating systems, and hardware generations.

A working proof-of-concept exploit is now publicly available for the critical SIGRed Windows DNS Server remote code execution vulnerability. SIGRed has existed in Microsoft's code for over 17 years, it impacts all Windows Server versions 2003 through 2019, and it has received a maximum severity rating of 10 out of 10.

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept exploit code for a critical remote code execution bug affecting a Windows graphics component. The Project Zero researchers discovered the vulnerability, tracked as CVE-2021-24093, in a high-quality text rendering Windows API named Microsoft DirectWrite.

After security researchers have developed and published proof-of-concept exploit code targeting a critical vCenter remote code execution vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.