Coronavirus vaccine-maker Dr. Reddy's shuts down operations following a cyber-attack
The company suffered a “mega data breach,” which led to the closure of key units across the UK, the US, Brazil, India, and Russia.
The hackers are using a Windows Netlogon vulnerability to obtain access to Windows Active Directory (AD) servers and elevate privileges.
To compromise websites to host malware, the attackers used a total of five C&C servers and a slew of RCE and EoP vulnerabilities.
Given the severity of the flaw, the WordPress security team has decided to push a forced update to all sites running Loginizer on WordPress 3.7 and higher.
Many of the organizations attacked by Muddy Water have also been targeted by the relatively new PowGoop malware.
Microsoft said 120 of the 128 servers identified as Trickbot infrastructure around the world were eliminated.
All of the listed CVEs are already publicly known and have patches available.
The vulnerability is described as a heap buffer overflow bug in the FreeType rendering engine.
In the observed attack, the hackers escalated privileges using ZeroLogon less than 2 hours after the initial phish.
NCSC said that Russian activity involved reconnaissance operations and that the targets included the Games’ organisers, logistics services and sponsors.