Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office

Security researchers recently discovered a zero-day vulnerability in Microsoft Office dubbed Follina. The bug can be exploited through the normal opening of a Word document, using it to execute malicious PowerShell commands through the Microsoft Diagnostic Tool (MSDT). Let me remind you that we also wrote that Lapsus$ hack group stole the source codes of… Continue reading Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office

Vulnerability in Windows 10 could allow gaining administrator privileges

Last weekend, the well-known cybersecurity researcher Jonas Lykkegaard reported a rather serious vulnerability in Windows 10. All versions of Windows 10 released in the last 2.5 years (as well as Windows 11) are vulnerable to an issue dubbed SeriousSAM and HiveNightmare. Thanks to this bug, an attacker can elevate his privileges and gain access to… Continue reading Vulnerability in Windows 10 could allow gaining administrator privileges

Babuk Locker ransomware builder leaked into the network

The Babuk Locker ransomware builder has appeared in the public domain. With its help anyone can design its own ransomware, the well-known information security expert Kevin Beaumont said on Twitter. The malware is already uploaded to VirusTotal. The Record, which has already studied this leak, reports that the Babuk Locker builder can be used to… Continue reading Babuk Locker ransomware builder leaked into the network

Hackers scan network for vulnerable Microsoft Exchange servers

Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is related to the operation of the Exchange Control Panel (ECP) component and the inability of Microsoft Exchange to create unique cryptographic keys during installation. “The… Continue reading Hackers scan network for vulnerable Microsoft Exchange servers