Oddbean new post about | logout
zCat | 8 days ago (raw) | export | reply | flag 
 Microsoft patches Windows zero-day exploited in attacks on Ukraine

Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities.

The security flaw (CVE-2024-43451) is an NTLM Hash Disclosure spoofing vulnerability reported by ClearSky security researchers, which can be exploited to steal the logged-in user's NTLMv2 hash by forcing connections to a remote attacker-controlled server.

"Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability.

See more: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-attacks-on-ukraine/

#cybersecurity #patches #zeroday
zCat | 8 days ago (raw) | root | parent | reply | flag 
 Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.

The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user's NTLMv2 hash. It was patched by Microsoft earlier this week.

"Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability," Microsoft revealed in its advisory

See more: https://thehackernews.com/2024/11/russian-hackers-exploit-new-ntlm-flaw.html

#cybersecurity #phishing #malware

nostr:nevent1qqs8p06g66dejh5fza6l4n9lz0x4mz667qpr8wwwrmf3uh88yhhywysppemhxue69uhkummn9ekx7mp0qgspdlfx7qq9fanp28rt67f9ahh5zkrpqwh3n4z9lylkda0zfv6yy7srqsqqqqqpm5xxqh