05 December 2023
■ Russian Hackers Exploiting Outlook Bug to Hijack Exchange Accounts
Microsoft's Threat Intelligence team warned that Russian state-sponsored actor APT28 is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts for data theft.
■ PDF Phishing: Beyond the Bait
Phishing attacks increasingly utilize PDF documents, leveraging the file format's trustworthiness and social engineering tactics for successful campaigns.
■ December Android Updates Fix Critical Zero-Click RCE Flaw
Google's December 2023 Android security updates address 85 vulnerabilities, including a critical zero-click remote code execution (RCE) bug, emphasizing the importance of immediate patching.
■ Tipalti Investigates Claims of Data Stolen in Ransomware Attack
Tipalti is investigating claims by the ALPHV ransomware gang of a network breach resulting in the theft of 256 GB of data, including information for platforms like Roblox and Twitch.
■ Fake WordPress Security Advisory Pushes Backdoor Plugin
WordPress administrators are targeted by fake security advisories leveraging a fictitious vulnerability (CVE-2023-45124) to infect sites with a malicious plugin, highlighting ongoing phishing tactics.
■ Windows 11 KB5032288 Update Improves Copilot, Fixes 11 Bugs
Microsoft's KB5032288 November 2023 Windows 11 preview update enhances the Copilot AI assistant and fixes almost a dozen bugs.
■ Microsoft Fixes Outlook Desktop Crashes When Sending Emails
Microsoft addressed a known issue causing Outlook Desktop clients to crash during email sending from Outlook.com accounts, enhancing the stability of the email client.
■ Stealthier Version of P2Pinfect Malware Targets MIPS Devices
The latest P2Pinfect botnet variants target 32-bit MIPS devices like routers and IoT devices, indicating an expansion in the range of infected devices.
■ TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices
TrickMo evolves, using Accessibility event logs to gather data from running applications on Android devices, showcasing new tactics and a shift in target devices.
■ Two New Versions of OpenZFS Fix Long-Hidden Corruption Bug
OpenZFS has released new versions, including 2.2.2, that address a long-standing data corruption bug affecting file copies on FreeBSD 14 and various Linux distributions.