SANS Internet Storm Center

This month brings patches for 60 vulnerabilities, plus 4 Chromium patches affecting Microsoft Edge.
A DoS against Hyper-V could have a significant impact, which may justify the rating.
The code execution vulnerability justifies a rating of critical.
Exploitation requires an attacker to first gain a foothold inside a virtual machine.
CVE-2024-26198: A remote code execution vulnerability for Exchange Server.
This is a DLL loading issue that is typically more difficult to exploit.
Authentication is required to exploit the vulnerability.
Overall, this Patch Tuesday doesn't look too bad. Follow your normal patch management process.
There is no need to get all worked up. Tomorrow morning, have some coffee, test... and later deploy once the tests have completed successfully.


This Cyber News was published on isc.sans.edu. Publication date: Tue, 12 Mar 2024 18:13:05 +0000

