CyberSecurityBoard
Sponsor Register Login

SANS Internet Storm Center

We have patches for 60 vulnerabilities and 4 Chromium patches affecting Microsoft Edge.
A DoS against Hyper-V could have a significant impact, which may justify the rating.
The code execution vulnerability justifies a rating of critical.
Exploitation requires an attacker to first gain a foothold inside a virtual machine.
CVE-2024-26198: A remote code execution vulnerability for Exchange Server.
This is a DLL loading issue that is typically more difficult to exploit.
Authentication is required to exploit the vulnerability.
Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process.
There is no need to get all worked up; tomorrow morning: Have some coffee, test... and later deploy once the tests are completed successfully.


This Cyber News was published on isc.sans.edu. Publication date: Tue, 12 Mar 2024 18:13:05 +0000


Cyber News related to SANS Internet Storm Center

Microsoft Targets Threat Group Behind Fake Accounts - Microsoft seized parts of the infrastructure of a prolific Vietnam-based threat group that the IT giant said was responsible for creating as many as 750 million fraudulent Microsoft accounts that were then sold to other bad actors and used to launch ...
1 year ago Securityboulevard.com APT29 Scattered Spider
Financially motivated threat actors misusing App Installer - Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme to distribute malware. In ...
1 year ago Microsoft.com Black Basta
SANS Institute Research Shows the Frameworks Organizations Use - The report shares and analyzes research on a range of security operations center practices and outlines the current state of the SOC within many organizations, based on in-depth survey findings of IT and cybersecurity professionals from around the ...
1 year ago Darkreading.com
Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts - Microsoft on Wednesday announced the disruption of Storm-1152, a cybercrime-as-a-service ecosystem that created 750 million fraudulent Microsoft accounts in support of phishing, identity theft, and other schemes. The CaaS is believed to have made ...
1 year ago Securityweek.com Scattered Spider
Microsoft Disabled App Installer Abused by Hackers - Threat actors, particularly those with financial motivations, have been observed spreading malware via the ms-appinstaller URI scheme. As a result of this activity, Microsoft has disabled the ms-appinstaller protocol handler by default. The ...
1 year ago Cybersecuritynews.com Carbanak
Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts - Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services. Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed ...
1 year ago Cysecurity.news Scattered Spider
Attacks begin on critical Atlassian Confluence vulnerability - Multiple cybersecurity organizations have observed exploitation attempts against a critical Atlassian Confluence vulnerability that was disclosed and patched last week. In a security advisory published on Jan. 16, Atlassian detailed a remote code ...
1 year ago Techtarget.com CVE-2023-22527 CVE-2023-22518 CVE-2023-22515
5 Lessons Learned from Windows Remote Desktop Honeypot Report - Recently, the SANS Institute released their annual Windows Remote Desktop Honeypot Report, providing comprehensive insights into the nature of malicious activity in a Windows environment. In order to understand how your own Windows network can be ...
2 years ago Bleepingcomputer.com
SANS Institute Launches AI Cybersecurity Hackathon - Running from February 15 to March 15, 2025, this hackathon provides an opportunity for cybersecurity professionals, ethical hackers, developers, and students to cultivate the critical skills and develop the open-source tools needed to address ...
2 weeks ago Darkreading.com
Building Data Center Infrastructure for the AI Revolution  - This is part two of a multi-part blog series on AI. Part one, Why 2024 is the Year of AI for Networking, discussed Cisco's AI networking vision and strategy. This blog will focus on evolving data center network infrastructure for supporting AI/ML ...
11 months ago Feedpress.me
Access to Internet Infrastructure is Essential, in Wartime and Peacetime - We've been saying it for 20 years, and it remains true now more than ever: the internet is an essential service. It enables people to build and create communities, shed light on injustices, and acquire vital knowledge that might not otherwise be ...
11 months ago Eff.org
CVE-2023-43123 - On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern ...
3 weeks ago
CVE-2008-6383 - SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via ...
7 years ago
Twisted Spider's Dangerous CACTUS Ransomware Attack - In a sophisticated cyber campaign, the group Twisted Spider, also recognized as Storm-0216, has joined forces with the cybercriminal faction Storm-1044. Employing a strategic method, they target specific endpoints through the deployment of an initial ...
1 year ago Cysecurity.news Cactus
Microsoft names cybercriminals behind AI deepfake network - Microsoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. Creators developed the tools that ...
1 week ago Bleepingcomputer.com
I've weathered a lot of hurricanes - these are my must-have storm tracking tools | ZDNET - The University of Wisconsin's Space Science and Engineering Center (SSEC) and the National Environmental Satellite, Data, and Information Service's (NESDIS) STAR GOES Imagery are two sites I consider invaluable for anyone wanting detailed ...
5 months ago Zdnet.com
The SANS Holiday Hack Challenge is back! The Register - Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. Webinar Whether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack ...
1 year ago Go.theregister.com
ISC Stormcast For Tuesday, October 1st, 2024 https://isc.sans.edu/podcastdetail/9160 - SANS Internet Storm Center - ...
5 months ago Isc.sans.edu
ISC Stormcast For Wednesday, October 2nd, 2024 https://isc.sans.edu/podcastdetail/9162 - SANS Internet Storm Center - ...
5 months ago Isc.sans.edu
ISC Stormcast For Thursday, October 3rd, 2024 https://isc.sans.edu/podcastdetail/9164 - SANS Internet Storm Center - ...
5 months ago Isc.sans.edu
ISC Stormcast For Friday, October 4th, 2024 https://isc.sans.edu/podcastdetail/9166 - SANS Internet Storm Center - ...
5 months ago Isc.sans.edu
How CSRD and EED are Reshaping Data Center Sustainability Reporting - It requires companies to prepare annual sustainability reports following the European Sustainability Reporting Standards. The CSRD introduces assurance requirements for sustainability reports, necessitating independent verification by auditors. ...
1 year ago Securityboulevard.com
Mt. Graham Regional Medical Center Recovers from Ransomware Attack but Confirms Data Breach - On September 29, 2023, Mount Graham Regional Medical Center filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after confirming a recent ransomware attack. In this notice, MGRMC explains that ...
1 year ago Jdsupra.com
CVE-2023-22513 - This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute ...
1 year ago
Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted - Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and consumers globally out of millions of dollars. Cybercrime-as-a-service is a model ...
1 year ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)