Tuesday, December 24, 2024

Windows

Windows 11 Privilege Escalation Vulnerability Lets Attackers Execute Code to Gain Access

Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could allow local attackers to escalate privileges to the SYSTEM level.Security researcher Alex Birnberg...

NotLockBit – Previously Unknown Ransomware Attack Windows & macOS

A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics...

Windows RDP Service Flaw let Hackers Execute Remote Code

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the...

Microsoft Patch Tuesday December 2024, 71 Vulnerabilities Fixed Including 1 Zero-day

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical vulnerabilities...

Qlik Sense for Windows Vulnerability Allows Remote Code Execution

Qlik has identified critical vulnerabilities in its Qlik Sense Enterprise for Windows software that could lead to remote code execution (RCE) if exploited. Security...

Windows NTLM Zero-Day Vulnerability Exposes User Credentials

A critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered.The flaw enables attackers to steal NTLM credentials with minimal...

Windows Server 2012 0-day Vulnerability Exposes Critical Security Flaw

Cybersecurity researchers have identified a critical 0-day vulnerability in Windows Server 2012 and Server 2012 R2.This previously unknown security flaw allows attackers to...

New Windows 11 Vulnerability Lets Attackers Elevate Privileges

A new vulnerability has been discovered in Windows 11, specifically affecting the 23H2 version.This vulnerability is identified in the ksthunk.sys driver, allows attackers to exploit...

Windows 0-Day Exploited in Wild with Single Right Click

A newly discovered zero-day vulnerability, CVE-2024-43451, has been actively exploited in the wild, targeting Windows systems across various versions.This critical vulnerability, uncovered by the...

CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine

Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as "penetration testing" or "exploiting vulnerabilities."These setups often use the tools and frameworks...

New Windows Downgrade Attack Let Hackers Downgrade Patched Systems To Exploits

The researcher discovered a vulnerability in the Windows Update process that allowed them to downgrade critical system components, including DLLs, drivers, and the NT...