A malware campaign using the Qbot (aka QakBot) banking trojan has been identified in the wild that is spread through malicious Microsoft OneNote .one attachments. This malware campaign has been referred to as ‘QakNote’ due to the trojan used and the method of using Microsoft OneNote files. It has been observed by security researchers at […]
Microsoft OneNote Attachments Malware Campaign Read More »
This week was the first Microsoft Patch Tuesday of 2023, where a total of 98 different vulnerabilities have been patched, including an actively exploited zero-day flaw. This update addresses twice the number of vulnerabilities as the December 2022 Patch Tuesday, which saw fixes for 49 vulnerabilities and 2 zero-day flaws. Eleven of the vulnerabilities patched
First Microsoft Patch Tuesday of 2023 Fixes Zero-Day Read More »
A legitimate Windows executable is being abused by malicious actors to stealthily infect devices with malware without raising any alarms. The Windows Error Reporting tool WerFault.exe can be exploited to load malware onto a system using a DLL sideloading technique in an attack K7 Security Labs have published an analysis for last week. This legitimate
Windows Error Reporting Tool Abused to Load Malware Read More »
Endpoint detection and response (EDR) systems, and antivirus (AV) software, are used to increase the cybersecurity of a device. However, these security software solutions are now able to be exploited for their data deletion capabilities, effectively turning them into data wipers. Security researcher Or Yair at SafeBreach Labs discovered this capability alongside multiple zero-day vulnerabilities
Endpoint Detection Systems Used as Data Wipers Read More »
Google Chrome has released an emergency update to patch a critical severity vulnerability present in the Chrome desktop app. Microsoft have also alerted customers that the chromium-based browser Microsoft Edge also contains this vulnerability in both Windows and Mac versions of the desktop app. This has been given a high severity rating by Google and
Exploited Chromium Vulnerability in Chrome and Edge Read More »
This week was November’s patch Tuesday, where Microsoft issued a security update that resolved 68 different vulnerabilities, 6 of which were actively exploited zero-day flaws. A total of 11 vulnerabilities that have been patched this week have been given a critical severity rating, due to a possible exploit leading to elevation of privileges, spoofing, or
Microsoft Patch Six Zero-Day Vulnerabilities Read More »
A spoofing vulnerability in Microsoft Azure Service Fabric can be exploited by attackers to gain admin privileges and take over Service Fabric clusters. Although there are not currently reports of this vulnerability being exploited in the wild, proof of concept (PoC) code for this attack vector does exist. Cloud security platform Orca Security first discovered
Microsoft Azure Vulnerability Exploit in SF Clusters Read More »
An actively exploited zero-day flaw that prevents Windows from properly identifying potentially malicious documents by flagging them as downloaded from the web has been given an unofficial patch. The security issue was first brought to Microsoft’s attention by a security researcher 3 month ago, however no official update to correct this has been released. Security
Windows Zero-Day Flaw Gets Free Unofficial Patch Read More »
The recent Windows 11 2022 Update has been experiencing issues and failing to finish installing due to provisioning issues, leaving some partially configured endpoints vulnerable. Also known as version 22H2, this update immediately impacted some users by causing Remote Desktop clients to not connect, randomly disconnect, or freeze unexpectedly. Since then, Microsoft have released issue
Issues with Windows 11 22H2 Update Addressed Read More »
Two high severity zero-day vulnerabilities for the Microsoft Exchange Server have been found to be exploited in the wild. An elevation of privilege vulnerability, and a remote code execution vulnerability have been used by attackers to gain access into victim’s systems. The Cybersecurity and Infrastructure Security Agency (CISA) recently added these two flaws to their
Microsoft Exchange Server Vulnerabilities Exploited Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.