The Latest in IT Security

Posts Tagged ‘Windows Vulnerability’

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. “The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection,” Sophos threat researcher Andreas […]

Read more ...

The vulnerability in question is CVE-2022-26925, which Microsoft describes as a Windows LSA spoofing vulnerability. The issue was addressed with the May 2022 Patch Tuesday updates and Microsoft warned at the time that the vulnerability has been publicly disclosed and exploited in attacks. “An unauthenticated attacker could call a method on the LSARPC interface and […]

Read more ...

The security hole, tracked as CVE-2022-22718, was fixed by Microsoft with its February 2022 Patch Tuesday updates. It was one of the four Print Spooler issues addressed at the time. According to Microsoft, CVE-2022-22718 can be exploited by a local attacker to escalate privileges, without the need for any user interaction. CISA on Tuesday added […]

Read more ...


Categories

WEDNESDAY, JULY 24, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments