Security News

UPDATE. Two zero-day flaws have been uncovered in Zoom's macOS client version, according to researchers. The two flaws, uncovered by Patrick Wardle, principle security researcher with Jamf, emerge as Zoom comes under increased scrutiny over its security measures, particularly with more employees working from home over the past few weeks due to the coronavirus pandemic.

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploited two critical remote command injection vulnerabilities affecting DrayTek Vigor enterprise switches, load-balancers, routers and VPN gateway devices to eavesdrop on network traffic and install backdoors.

Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems. Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.

While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in "Limited targeted Windows 7 based attacks," ACROS Security has released micropatches that can prevent remote attackers from exploiting the flaws. In a blog post published on Thursday, ACROS Security CEO Mitja Kolsek explained which attack vectors can be used to exploit the vulnerabilities and why Windows 10 users are at a lower risk of attack.

The Remote Code Execution vulnerabilities affect Adobe Type Manager Library, the part of Windows that manages PostScript Type 1 fonts. Importantly the same danger would arise even if users viewed that document using the Windows File Explorer file manager preview features.

Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. "There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane," the company shared, and said that the Outlook Preview Pane is not an attack vector for this vulnerability.

Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. "Microsoft is aware of limited targeted attacks that could leverage unpatched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released," according to a Monday Microsoft security advisory.

Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. "Microsoft is aware of limited targeted attacks that could leverage unpatched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released," according to a Monday Microsoft security advisory.

Cybercrime groups have been exploiting vulnerabilities in digital video recorders made by Taiwan-based surveillance solutions provider LILIN to increase the size of their botnets. The vendor released firmware updates that should patch the exploited flaws on February 14, but the vulnerabilities had a zero-day status until this date.

Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the latest software versions as soon as possible. CVE-2020-8467, a critical flaw in the migration tool component of the two solutions that could allow remote attackers to execute arbitrary code on affected installations.