New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is…

Howard University cancels classes following ransomware attack | #malware | #ransomware | #cybersecurity | #infosecurity | #hacker – National Cyber Security

Howard University cancels classes following ransomware attack | #malware | #ransomware | #cybersecurity | #infosecurity | #hacker – National Cyber Security

Howard University in Washington DC has been hit by a ransomware attack which has forced it to cancel classes for two days running. The university stated on Monday 6 September that its technology team detected “unusual activity on the university’s network” on 3 September which caused it to shut down its network to investigate the…

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents | IT Security News 8. September 2021 This article has been indexed from The Hacker News Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.Tracked as CVE-2021-40444 (CVSS…

Howard University Hit With Ransomware Attack

Howard University Hit With Ransomware Attack

Breach Notification , Critical Infrastructure Security , Cybercrime Classes Canceled as the University’s IT Staff Repairs Damage Dan Gunderman (dangun127) • September 7, 2021     Howard University detected the cyberattack late last week. (Photo: Derek E. Morton via Wiki/CC) Stay tuned for updates on this developing story. See Also: Top 50 Security Threats …

Microsoft shares temp fix for ongoing Office 365 zero-day attacks

Microsoft shares temp fix for ongoing Office 365 zero-day attacks

Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. The flaw is in MSHTML, the browser rendering engine that is also used by Microsoft Office documents. Ongoing attacks against Office 365 Identified as CVE-2021-40444, the security issue…

How Infusion Pump Security Flaws Can Mess with Drug Dosing

How Infusion Pump Security Flaws Can Mess with Drug Dosing

Five security vulnerabilities in commonly used infusion pump products from B. Braun Medical Inc. could collectively allow malicious actors to dangerously modify the dose of medicines delivered to patients, says Douglas McKee, a security researcher on a team at security vendor McAfee Enterprise, which recently discovered the flaws. The vulnerabilities exist in both the B….

Netgear Fixes Critical Flaws Affecting Smart Switches

Netgear Fixes Critical Flaws Affecting Smart Switches

Breach Notification , Endpoint Security , Governance & Risk Management Details on 2 of the 3 Vulnerabilities Released Mihir Bagwe • September 7, 2021     Gynvael Coldwind, a security researcher on Google’s security team, has identified three critical vulnerabilities affecting several Netgear smart switch products that, if exploited, give the attacker complete control over…

Alleged Trickbot Developer Arrested in South Korea

Alleged Trickbot Developer Arrested in South Korea

Cybercrime , Cybercrime as-a-service , Cyberwarfare / Nation-State Attacks Russian Gang Member Was Stranded After COVID-19 Restriction Prajeet Nair (@prajeetspeaks) • September 7, 2021     A Russian citizen, alleged to be working as a developer for the malware-spreading organization Trickbot, reportedly has been arrested at Seoul-Incheon International Airport. He was questioned by Korean authorities…