Hackerzhome


Cybersecurity news all over the world

HACKERZHOME NEWS

June 9, 2023

Friday

Exploit for Recent Windows Vulnerability Unveiled by Experts and Actively Exploited

Details have emerged about an actively exploited Microsoft Windows security flaw that a threat actor could abuse to escalate privileges on affected systems.


The Windows vulnerability, CVE-2023-29336, has a severity rating of 7.8 and is an elevation-of-privilege flaw in the Win32k component.


In a security advisory released as part of last month's Patch Tuesday updates, Microsoft said that an attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Avast researchers Jan Vojtěšek, Milánek, and Luigino Camastra are credited with finding and reporting the problem.


Win32k.sys, a kernel-mode driver that is a crucial component of the Windows architecture, handles window management and the graphical user interface.


Although the specifics of in-the-wild exploitation of the weakness are currently unknown, Numen Cyber has reverse-engineered the Microsoft patch to create a proof-of-concept (PoC) exploit for Windows Server 2016.


The Singapore-based cybersecurity firm said the vulnerability relied on a leaked kernel handle address in heap memory to ultimately obtain a read-write primitive.


Win32k vulnerabilities are well known historically, according to Numen Cyber. In the latest Windows 11 preview, Microsoft has attempted to use Rust to rewrite this part of the kernel code.


This may eliminate such vulnerabilities in the new system in the future.


Ransomware attack disclosed by Japanese pharmaceutical company Eisai

The pharmaceutical firm Eisai has acknowledged that a ransomware attack disrupted its operations and that some of its systems were encrypted.

With approximately 10,000 employees and $5.3 billion in annual revenue, Eisai is a pharmaceutical corporation headquartered in Tokyo. The corporation has nine manufacturing and fifteen medical research facilities in Japan, the United Kingdom, North Carolina, and Massachusetts.

The company develops and manufactures anti-seizure, neuropathy, and dementia medications, in addition to treatments for various cancers and for the adverse effects of chemotherapy.

Eisai said that it was hit by the ransomware attack over the weekend, a common time for attackers to deploy encryptors because IT departments are understaffed and unable to adequately handle a fast-changing situation.

On Saturday, June 3, Japan time, a ransomware outbreak was discovered that had encrypted several of Eisai Group’s servers.

With the help of our cybersecurity partners, we immediately put our incident response plan into action, started an investigation, and gathered a company-wide task force to work quickly on response protocols.

A New Custom Backdoor, Stealth Soldier, Targets North Africa with Espionage Attacks

A new bespoke backdoor known as Stealth Soldier has been used in a series of precisely targeted espionage attacks in North Africa.

In a technical analysis, cybersecurity company Check Point described Stealth Soldier as an undocumented backdoor that primarily performs surveillance tasks, including file exfiltration, screen and microphone recording, keystroke logging, and browser information theft.

The ongoing operation is characterized by the use of command-and-control (C&C) servers that mimic websites belonging to the Libyan Ministry of Foreign Affairs.

The campaign’s early artifacts were discovered in October 2022.

The attacks start with potential targets downloading bogus downloader binaries that are delivered through social engineering. These binaries serve as a conduit for retrieving Stealth Soldier while simultaneously displaying an empty decoy PDF file.

The bespoke modular implant, which is reportedly used only sparingly, provides surveillance capabilities by gathering directory listings and browser credentials, recording keystrokes, capturing microphone audio, taking screenshots, uploading files, and executing PowerShell commands.


Google Chrome's password manager gets improved security measures for your credentials


The built-in Password Manager in Google Chrome is gaining additional security-enhancing capabilities, making it simpler for users to manage their passwords and protect themselves from account-hijacking threats.

The Chrome Password Manager, a built-in component of Google’s services, may be used to manage and auto-fill login information on the Chrome browser and other Google software products, synchronizing the login information across all applications used with the same Google Account.

Keeping account credentials in the web browser leaves them susceptible to theft and decryption by information-stealing malware, but users who follow proper security practices can take advantage of Google Password Manager's convenience with little concern.

Google today unveiled five new and already-existing features that strengthen the security of information saved in its Password Manager and provide barriers that shield users from danger.

A desktop shortcut for Google Password Manager has been added, enabling users to easily access and manage all of their saved account credentials, change autofill preferences, and more.

Vivaldi spoofs the Edge browser to get around Bing Chat restrictions

Beginning today, the Vivaldi Browser will impersonate Microsoft Edge on Android devices in order to get around the browser limitations that Microsoft imposed on Bing Chat.

When Bing Chat was first made available, Microsoft restricted it so that consumers could only use it in the Microsoft Edge browser.

This restriction exists even though Microsoft Edge was created using the same Chromium code as Google Chrome, Brave Browser, and Vivaldi, so the service ought to function in each of these browsers.

Vivaldi revealed today that it is altering its browser’s user agent to spoof Microsoft Edge while accessing Bing Chat, which is powered by ChatGPT4 and has proven to be highly popular.

You may either download the User-Agent Switcher extension for Google Chrome or use the developer tools to modify the user-agent string for a specific area. The developer tools, though, have to stay open while you use the website.

In Firefox, you can modify the user-agent string by searching for general.useragent.override in about:config, choosing String, and then clicking the + button.
