Generative Data Intelligence

Tag: privilege escalation

Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks

Cisco has released security updates for its flagship IOS and IOS XE operating system software for networking gear, as well as patches for its...

Top News

Redesigning the Network to Fend Off Living-Off-the-Land Tactics

With adversaries increasingly relying on legitimate tools to hide their malicious activities, enterprise defenders have to rethink the network architecture in order to detect...

Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a...

Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks

The Raspberry Robin worm is incorporating one-day exploits almost as soon as they're developed, in order to improve on its privilege escalation capabilities. Researchers from...

FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell.It's been more than two years since the critical vulnerability in...

‘CherryLoader’ Malware Allows Serious Privilege Execution

It's the pits for admins: Researchers have discovered a threat actor achieving admin-level access on targeted systems by deploying a new, sophisticated downloader and...

NSPX30: A sophisticated AitM-enabled implant evolving since 2005

ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we...

CISA Adds 9.8 ‘Critical’ Microsoft SharePoint Bug to its KEV Catalog

On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added a privilege escalation vulnerability affecting Microsoft SharePoint servers to its list of Known Exploited...

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security

Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of...

Executing Zero Trust in the Cloud Takes Strategy

Zero trust is a high-level strategy that assumes that individuals, devices, and services attempting to access company resources, both externally and internally, can't automatically...

Executing Zero Trust in the Cloud Takes Strategy

Zero trust is a high-level strategy that assumes that individuals, devices, and services attempting to access company resources, both externally and internally, can't automatically...

‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections

A previously undocumented hardware feature within Apple's iPhone System on a Chip (SoC) allows for exploitation of multiple vulnerabilities, eventually letting attackers bypass hardware-based...

Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File

Researchers this week disclosed details on two security vulnerabilities in Microsoft Outlook that, when chained together, give attackers a way to execute arbitrary code...

Latest Intelligence

spot_img
spot_img
spot_img

Chat with us

Hi there! How can I help you?