#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Microosft Windows | Breaking Cybersecurity News | The Hacker News

Category — Microosft Windows
Ransomware Gangs Exploiting Windows Print Spooler Vulnerabilities

Ransomware Gangs Exploiting Windows Print Spooler Vulnerabilities

Aug 13, 2021
Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim's network to deploy file-encrypting payloads on targeted systems. "Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate that this vulnerability will continue to see more widespread adoption and incorporation by various adversaries moving forward," Cisco Talos  said  in a report published Thursday, corroborating an  independent analysis  from CrowdStrike, which observed instances of Magniber ransomware infections targeting entities in South Korea. While Magniber ransomware was first spotted in late 2017 singling out victims in South Korea through malvertising campaigns, Vice Society is a new entrant that emerged on the ransomware landscape in mid-2021, primarily targeting public school districts and other educational institutions.
Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability

Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability

Aug 11, 2021
Microsoft on Tuesday rolled out  security updates  to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. The update, which is the smallest release since December 2019, squashes seven Critical and 37 Important bugs in Windows, .NET Core & Visual Studio, Azure, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows Codecs Library, Remote Desktop Client, among others. This is in addition to  seven security flaws  it patched in the Microsoft Edge browser on August 5. Chief among the patched issues is  CVE-2021-36948  (CVSS score: 7.8), an elevation of privilege flaw affecting Windows Update Medic Service — a service that enables remediation and protection of Windows Update components — which could be abused to run malicious programs with escalated permissions. Microsoft's Threat Intelligence Center has been credited with reporting the flaw
cyber security

Earn a Master's in Cybersecurity Risk Management

websiteGeorgetown UniversityCyber Security
Lead the future of cybersecurity risk management with an online Master's from Georgetown.
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources