CyberSecurityBoard
Sponsor Register Login

CVE-2018-8217

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8221.

Publication date: Thu, 14 Jun 2018 17:29:00 +0000


Cyber News related to CVE-2018-8217

Who is the DOGE and X Technician Branden Spikes? – Krebs on Security - Branden Spikes California Russian Association Congress of Russian Americans Constellation of Humanity Cyberinc Department of Government Efficiency Diana Fishman Donald J. Prior to founding Spikes Security, Branden Spikes was married to a native ...
3 days ago Krebsonsecurity.com
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
1 year ago Techrepublic.com
SIEM agent being used in SilentCryptoMiner attacks | Securelist - The most interesting action in this attack was the implementation of unusual techniques like using an SIEM agent as backdoor, adding the malicious payload to a legitimate digital signature, and hiding directories containing malicious files. The ...
5 months ago Securelist.com
Crooked Cops, Stolen Laptops & the Ghost of UGNazi – Krebs on Security - Earlier this year, an Internet sleuth on Youtube showed that even though Zelocchi’s IMDB profile has him earning more awards than most other actors on the platform (here he is holding a Youtube top viewership award), Zelocchi is probably better ...
5 months ago Krebsonsecurity.com Silence
New Sophisticated Linux Malware Exploiting Apache2 Web Servers - Throughout the campaign, the attackers demonstrated advanced knowledge of Linux systems by continuously adapting their malware and tactics to avoid detection while maximizing system resource exploitation for “cryptocurrency mining” and ...
5 months ago Cybersecuritynews.com
Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam - Security experts recommend implementing network segmentation for IoT devices, performing regular internal network audits, maintaining strict patch management practices for all connected devices, changing default passwords on IoT equipment, and ...
4 hours ago Cybersecuritynews.com Akira
New Polymorphic Attack That Mimic Any Chrome Extension Installed On The Browser - This newly discovered “polymorphic extension attack” creates pixel-perfect replicas of legitimate extensions’ icons, HTML popups, and workflows, making it nearly impossible for users to distinguish them from authentic extensions. ...
3 hours ago Cybersecuritynews.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
5 months ago Securelist.com
China Telecom Trains AI Model Using Domestic Chips - The Institute of AI at China Telecom, one of China’s main state-backed telecoms firms, said the open source TeleChat2-115B and a second unnamed model were trained using tens of thousands of domestically produced chips. ByteDance, the ...
5 months ago Silicon.co.uk
Google Announces GoStringUngarbler Tool to Decrypt Go Based Malware - This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation compiler that has complicated malware analysis through sophisticated literal transformations and control flow manipulation. The garble ...
4 days ago Cybersecuritynews.com
CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com
China-aligned CeranaKeeper Makes A Beeline For Thailand - The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication ...
5 months ago Informationsecuritybuzz.com Mustang Panda
10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
2 weeks ago Cybersecuritynews.com
15 Best Patch Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive patch management for various operating systems, applications, and third-party software.It is complex for new users and requires time and training to utilize its functionalities fully.Advanced analytics ...
4 days ago Cybersecuritynews.com
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed - Help Net Security - The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ...
5 months ago Helpnetsecurity.com LockBit
ChatGPT Maker OpenAI Raises $6.6bn In Funding | Silicon UK - Last week when OpenAI’s ‘for profit’ restructuring move was revealed, three senior executives abruptly announced they were departing, including Chief Technology Officer Mira Murati, VP Research Barret Zoph, and Chief Research ...
5 months ago Silicon.co.uk
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast - DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves ...
2 weeks ago Cybersecuritynews.com
North Korean Hackers Cash Out $300 Million From $1.46 Billion ByBit Crypto Heist - Lazarus Group hackers believed to be affiliated with North Korea’s regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange. Elliptic’s analysis ...
8 hours ago Cybersecuritynews.com Lazarus Group
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) - Help Net Security - Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and other flaws, and a day after ProjectDiscovery’s analysts published a ...
5 months ago Helpnetsecurity.com CVE-2024-45519
Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released - All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the flaw identified as CVE-2024-34331, which results from insufficient security controls in the application’s macOS installer repackaging subsystem. ...
2 weeks ago Cybersecuritynews.com CVE-2024-34331
10 Best Email Security Gateways in 2025 - Barracuda Email Security Gateway is a solution that helps protect organizations from email-borne threats such as spam, viruses, phishing, and other malicious content. It uses various methods, including filtering, encryption, and sandboxing, to ...
2 weeks ago Cybersecuritynews.com
US Grounds SpaceX Falcon After Second-Stage Issue | Silicon UK - The US Federal Aviation Administration (FAA) has grounded SpaceX’s Falcon rockets for the third time in three months after a second-stage problem occurred following the successful launch of a Dragon Crew mission that brought two astronauts to ...
5 months ago Silicon.co.uk Rocke
New Variant Of XWorm Delivered Via Windows Script File - It executes a wide range of commands like “system manipulation” (‘shutdown,’ ‘restart,’ ‘logoff’), “file operations,” and “remote code execution” via PowerShell. This diverse ...
5 months ago Cybersecuritynews.com
Enveil enables organizations to securely train machine learning models - Help Net Security - By allowing customers to leverage Trusted Execution Environments (TEEs) for secure and private model training and evaluation — in addition to existing homomorphic encryption and secure multiparty compute-based offerings — Enveil expands its ...
5 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)