CyberSecurityBoard
Sponsor Register Login

CVE-2018-8221

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217.

Publication date: Thu, 14 Jun 2018 17:29:00 +0000


Cyber News related to CVE-2018-8221

How To Collect Malware Indicators Of Compromise In The ANY.RUN Sandbox - The sandbox captures various types of IOCs like “network communications,” “file system changes,” “registry modifications,” and “process behaviors,” enabling thorough threat assessment. The ANY.RUN ...
8 months ago Cybersecuritynews.com
New Sophisticated Linux Malware Exploiting Apache2 Web Servers - Throughout the campaign, the attackers demonstrated advanced knowledge of Linux systems by continuously adapting their malware and tactics to avoid detection while maximizing system resource exploitation for “cryptocurrency mining” and ...
8 months ago Cybersecuritynews.com
Hackers Exploiting Docker Swarm, Kubernetes & SSH Servers In Large Scale - The primary goal was “cryptojacking,” using the XMRig miner to mine “Monero cryptocurrency.” The attackers showed advanced tactics by manipulating “Docker Swarm,” to create a botnet-like network of compromised ...
8 months ago Cybersecuritynews.com TeamTNT
New Variant Of XWorm Delivered Via Windows Script File - It executes a wide range of commands like “system manipulation” (‘shutdown,’ ‘restart,’ ‘logoff’), “file operations,” and “remote code execution” via PowerShell. This diverse ...
8 months ago Cybersecuritynews.com
Hackers Exploiting Critical SolarWinds Serv-U Vulnerability In The Wild - The attacks evolved from simple vulnerability scans to intense exploitation attempts, with peaks of new payload types observed on specific dates (“July 7” and “July 29”). attempts emerged and target sensitive files like ...
8 months ago Cybersecuritynews.com
DOGE to Fired CISA Staff: Email Us Your Personal Data – Krebs on Security - On Monday, The New York Times reported that U.S. Secret Service agents at the White House were briefly on alert last month when a trusted captain of Elon Musk’s “Department of Government Efficiency” (DOGE) visited the roof of the ...
3 months ago Krebsonsecurity.com
Trump Revenge Tour Targets Cyber Leaders, Elections – Krebs on Security - Incredibly, the president’s memo seeking to ostracize Krebs stands reality on its head, accusing Krebs of promoting the censorship of election information, “including known risks associated with certain voting practices.” Trump also ...
2 months ago Krebsonsecurity.com Hunters
WinRAR 7.10 Released For 500 Million Users - What's New - Critical fixes target semi-solid archive corruption during updates, a memory allocation error in “-m1” compression mode, and context menu rendering glitches on high-DPI displays. The latest version of the widely-used file compression ...
4 months ago Cybersecuritynews.com
8220 Hacker Group Added Hadooken & K4Spreader Tools To Their Arsenal - The 8220 hacker group is known for targeting both Windows and Linux web servers by deploying “crypto-jacking” malware to exploit vulnerabilities. The Linux infection utilized scripts named “c” and “y” to deploy the ...
8 months ago Cybersecuritynews.com
SIEM agent being used in SilentCryptoMiner attacks | Securelist - The most interesting action in this attack was the implementation of unusual techniques like using an SIEM agent as backdoor, adding the malicious payload to a legitimate digital signature, and hiding directories containing malicious files. The ...
8 months ago Securelist.com
Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security - “Our acting chief information officer told us not to adhere to standard operating procedure with the DOGE account creation, and there was to be no logs or records made of the accounts created for DOGE employees, who required the highest level ...
2 months ago Krebsonsecurity.com
New Mamona Ransomware Attack Windows Machines by Abusing Ping Commands - Cyber Security News - A new ransomware strain dubbed “Mamona” that operates entirely offline and leverages a clever attack strategy that abuses the Windows ping command. Encrypted files receive the “.HAes” extension (e.g., ...
1 month ago Cybersecuritynews.com Dragonforce
How Each Pillar of the 1st Amendment is Under Attack – Krebs on Security - In an address to Congress this month, President Trump claimed he had “brought free speech back to America.” But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of ...
2 months ago Krebsonsecurity.com
Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells - Unlike previous iterations that used the password “1234qwer,” the latest variant employs “2345rdx” as its authentication mechanism, indicating an evolution in their operational security measures. The continued evolution of ...
3 months ago Cybersecuritynews.com Lazarus Group
Chinese Agent Impersonates as Stanford Student For Intelligence Gathering - According to experts consulted during the investigation, Chen was “likely an agent of the Chinese Ministry of State Security (MSS), tasked with identifying sympathetic Stanford students and gathering intelligence”. The agent, operating ...
1 month ago Cybersecuritynews.com
CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com
Crooked Cops, Stolen Laptops & the Ghost of UGNazi – Krebs on Security - Earlier this year, an Internet sleuth on Youtube showed that even though Zelocchi’s IMDB profile has him earning more awards than most other actors on the platform (here he is holding a Youtube top viewership award), Zelocchi is probably better ...
8 months ago Krebsonsecurity.com Silence
Pakistani Firm Shipped Fentanyl Analogs, Scams to US – Krebs on Security - California resident Walter Horsting discovered something similar when he sued 360 Digital Marketing in small claims court last year, after hiring a company called Vox Ghostwriting to help write, edit and promote a spy novel he’d been working ...
1 month ago Krebsonsecurity.com
Developer Pleads Guilty For Sabotaging Company’s Computer Systems - Lu now faces up to 10 years in prison for deploying a custom “kill switch” and malware strains, including one named hakai (Japanese for “destruction”), which disrupted global operations and triggered financial losses estimated ...
3 months ago Cybersecuritynews.com
Hackers Revealed the Exploit Method Used to Hack 4chan Messageboard - “The hack was likely caused by 4chan using an extremely out-of-date version of PHP that has a lot of vulnerabilities and exploits and is using deprecated functions to interact with [their] MySQL database,” reported security researcher ...
2 months ago Cybersecuritynews.com
A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security - “Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers: in this instance, a local Claude (v2/v3) LLM model from ...
8 months ago Krebsonsecurity.com
Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security - In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service ...
3 months ago Krebsonsecurity.com
ViperSoftX Malware Attacking Users via Cracked Software - Following successful execution, the malware proceeds to download and execute additional payloads including PureCrypter, a commercial .NET packer that employs protobuf libraries for network communication, and Quasar RAT, an open-source remote access ...
2 months ago Cybersecuritynews.com
Chinese eCrime Hacker Group Attacking Users in 120+ Coutries to Steal Banking Credentials - The kit’s session management capabilities track victim progress through the phishing flow, with Chinese-language status messages in the JavaScript indicating: “当前正在首页” (Currently on the home page), ...
2 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)