Software Vulnerabilities March 21, 2023

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development…

Software Vulnerabilities February 21, 2023

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

17 min read - Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers…

News August 31, 2022

40% of Zero Day Exploits From the Last Decade Happened in 2021

2 min read - Zero-day vulnerabilities are increasing. Attackers can exploit these weaknesses in the wild before a patch becomes publicly available. Until white hats mitigate a zero-day vulnerability, actors can freely exploit it to breach data, systems and networks. According to a Mandiant…

May 18, 2020

Weekly Security News Roundup: WannaCry Dominated Ransomware Detections in Q1 2020

3 min read - Security researchers revealed that WannaCry dominated their ransomware detections in the first quarter of 2020. Read on to learn what else happened last week in security news.

April 22, 2020

Moobot Leverages Zero-Day Vulnerability to Target Fiber Routers

2 min read - Security researchers observed Moobot and other botnets attempting to exploit a zero-day vulnerability in order to compromise fiber routers. Read on to learn more about Moobot's recent activity.

Threat Intelligence February 26, 2020

What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today

5 min read - Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks?

Software Vulnerabilities February 20, 2020

To Rank or Not to Rank Should Never Be a Question

3 min read - Scanning is an important part of any vulnerability management program, but it should always be accompanied by vulnerability ranking to ensure teams are patching the most impactful issues first.

Endpoint December 31, 2019

How to Identify, Prioritize and Remediate Your Biggest Security Vulnerabilities

3 min read - By prioritizing security vulnerabilities based on weaponization and asset value, you can address them in manageable workloads and remediate the most critical ones first.

December 3, 2019

Weekly Security News Roundup: Dexphot Used Obfuscation, Fileless Tactics and Polymorphism

3 min read - Researchers detailed the multiple layers of obfuscation, fileless tactics and polymorphism techniques employed by the Dexphot malware campaign. Learn what else happened last week in security news.

November 26, 2019

Exploit Code Escalates Apache Solr Vulnerability To ‘High Risk’ Status

2 min read - New exploit code has led researchers to reclassify a security threat aimed at the Linux enterprise search tool Apache Solr to "high severity status."