Etek

CRITICAL VULNERABILITY IN WINDOWS IS EXPLOITED VIA OFFICE DOCUMENTS
In a joint statement from the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the UK National Cyber Security Center (NCSC) reported that the hacking group known as Sandworm is employing a dangerous new malwar...
Mylobot is a botnet malware, which infiltrates the Dark Web. It shows a high level of complexity based on evasion techniques. In terms of function, Mylobot can be used to download any payload, be it crypto mining, ransomware, banking Trojans, spyware, or other malware. STEALTH PROCESSES Anti-virtual...
Cisco has found a high-criticality vulnerability that could allow remote attackers to crash Cisco secure email devices using maliciously crafted email messages. The vulnerability CVE-2022-20653 describes that the DNS-based named entity authentication (DANE) email verification component of the Cisco ...
Microsoft Windows REGSVR32 Vulnerability Researchers report the detection of an increase in the use of the regsvr32.exe process through various Microsoft Office documents. According to the report, malware variants have been identified trying to execute .ocx files in a technique known as Squablydoo, ...
Since the pandemic in which we find ourselves due to COVID 19, the process of digitization and adoption of new technologies in the world accelerated as never expected, forcing people and organizations to work remotely at home implied using tools that were not previously contemplated, along with this...
Solarwinds software, known for its support in monitoring the availability and health of devices in many companies, is once again vulnerable in its Serv-U application unit used for file transfer. Solarwinds has been one of the most widely deployed software in companies to monitor the availability and...
Called noPac/sAMAccountName, two vulnerabilities on the Windows operating system would allow attackers to take complete control of active directories hosted on this technology. Although the two vulnerabilities have existed since November with the following identifiers CVE-2021-42278 and CVE-2021-422...
In the current scenario, any company should be present in the digital world, either to simplify processes or to attract more and new customers. However, online business presence brings risks because it increases the attack surface and exposes businesses to cyber-attacks. A recent Kaspersky report sh...