Microsoft has released a notice of a new vulnerability in Print Spooler (CVE-2021-36958) that allows local attackers to gain system privileges on a computer. The new vulnerability is related to other PrintNightmare bugs that exploit the configuration settings for Print Spooler, print drivers, anфd Windows Point and Print. Microsoft previously released patches for PrintNightmare in… Continue reading Microsoft Warns of New Print Spooler Vulnerability
Tag: Vulnerabilities
Microsoft releases patches for 44 vulnerabilities, including three 0-days
As part of Patch Tuesday this week, Microsoft released patches for 44 vulnerabilities (51 including bugs in Microsoft Edge), seven of which were classified as critical, three were 0-day, and one was already under attack. Patches released this month: .NET Core and Visual Studio, ASP.NET Core and Visual Studio, Azure, Windows Update, Windows Print Spooler… Continue reading Microsoft releases patches for 44 vulnerabilities, including three 0-days
Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Check Point researchers reported that in April of this year, IT giant Amazon eliminated critical vulnerabilities in the Amazon Kindle. The problems could be used to gain full control over the device, allowed them to steal the Amazon device token and other confidential data stored on it. For a successful attack on a Kindle, just… Continue reading Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Experts published a list of the most attacked vulnerabilities in 2020-2021
Experts from the FBI, the US Department of Homeland Security (DHS CISA), the Australian Cybersecurity Center (ACSC), and the UK National Cybersecurity Center (NCSC) have published joint security advisories that list the most attacked and most popular vulnerabilities among criminals in 2020 and 2021. Based on data collected by the US government, most of the… Continue reading Experts published a list of the most attacked vulnerabilities in 2020-2021
Moxie Marlinspike Demonstrates Cellebrite Tools Vulnerabilities
Signal creator, renowned cryptographer, hacker, researcher and anarchist Moxie Marlinspike studied the products of the famous Israeli cybercriminalistic company Cellebrite and identified a number of vulnerabilities in their work. In particular, the bugs allowed him to execute malicious code on a Windows computer that was used to analyze devices. Let me remind you that Cellebrite… Continue reading Moxie Marlinspike Demonstrates Cellebrite Tools Vulnerabilities