All posts by cK-bot

■■■■□ Microsoft shares guidance on new Windows Print Spooler vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34481 https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/ https://t.me/cKure/8588

■■■■■ Zero-day: Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability identified by Jacob Baines. Tracked as CVE-2021-34481 (CVSS score: 7.8), the issue concerns a local privilege escalation flaw that could be abused to perform unauthorized actions on the system. https://thehackernews.com/2021/07/microsoft-warns-of-new-unpatched.html https://t.me/cKure/8587

■■■■□ Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks. https://www.zdnet.com/article/microsoft-points-the-finger-at-israeli-private-exploit-seller-for-devilstongue-malware-attacks https://t.me/cKure/8586

■■■■■ Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making it the second-largest JavaScript CDN. https://www.bleepingcomputer.com/news/security/cloudflare-fixes-cdn-code-execution-bug-affecting-127-percent-of-all-sites/ https://t.me/cKure/8584

■■■■□ Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases across wordpress platform. https://threatpost.com/zero-day-attacks-woocommerce-databases/167846/ https://t.me/cKure/8581

■■■■■ Microsoft, Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments as 100+ dissidents, politicians, journos targeted by Israeli espionage toolkit https://go.theregister.com/feed/www.theregister.com/2021/07/16/microsoft_candiru_malware/ https://t.me/cKure/8579

■■■■□ CVE-2021-30563: Google has pushed out a new security update to Chrome browser for Windows, Mac, and Linux with multiple fixes, including a zero-day that it says is being exploited in the wild. https://thehackernews.com/2021/07/update-your-chrome-browser-to-patch-new.html https://t.me/cKure/8578

■■■■□ Facebook on Thursday disclosed it dismantled a “sophisticated” online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., U.K., and Europe using fake online personas on its platform. The social media giant pinned the attacks to a threat actor known as Tortoiseshell (aka Imperial…

■■■□□ Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild. https://thehackernews.com/2021/07/google-details-ios-chrome-ie-zero-day.html https://t.me/cKure/8576

■■□□□ Data-Leak / India as actor sells 4.2M record ‘Book my Show’ data online. https://t.me/cKure/8574