Monday, January 20, 2020
Malware Must Die!: MMD-0065-2020 - Linux/Mirai-Fbot's new encryption ...
Malware Must Die!: MMD-0065-2020 - Linux/Mirai-Fbot's new encryption ...: Prologue I setup a local brand new ARM base router I bought online around this new year 2020 to replace my old pots, and yesterday, it wa...
Saturday, January 18, 2020
Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active
January 18, 2020Mohit Kumar
internet explorer zero day vulnerability
Internet Explorer is dead, but not the mess it left behind.
Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.
The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote code execution issue that exists in the way the scripting engine handles objects in memory of Internet Explorer and triggers through JScript.dll library.
A remote attacker can execute arbitrary code on targeted computers and take full control over them just by convincing victims into opening a maliciously crafted web page on the vulnerable Microsoft browser.
"The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user," the advisory says. "If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.
An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." Microsoft is aware of 'limited targeted attacks' in the wild and working on a fix, but until a patch is released, affected users have been provided with workarounds and mitigation to prevent their vulnerable systems from cyberattacks.
The affected web browsing software includes — Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 running on all versions of Windows 10, Windows 8.1, and the recently-discontinued Windows 7.
Workarounds: Defend Against Attacks Until A Patch Arrives According to the advisory, preventing the loading of the JScript.dll library can manually block the exploitation of this vulnerability.
To restrict access to JScript.dll, run following commands on your Windows system with administrator privileges.
For 32-bit systems:
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
For 64-bit systems:
takeown / f% windir% \ syswow64 \ jscript.dll
cacls% windir% \ syswow64 \ jscript.dll / E / P everyone: N takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
When a patch update is available, users need to undo the workaround using the following commands:
For 32-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
For 64-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
cacls %windir%\syswow64\jscript.dll /E /R everyone
To be noted, some websites or features may break after disabling the vulnerable JScript.dll library that relies on this component, therefore, users should install updates as soon as they become available.
Mohit KumarHacker news
Internet Explorer is dead, but not the mess it left behind.
Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.
The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote code execution issue that exists in the way the scripting engine handles objects in memory of Internet Explorer and triggers through JScript.dll library.
A remote attacker can execute arbitrary code on targeted computers and take full control over them just by convincing victims into opening a maliciously crafted web page on the vulnerable Microsoft browser.
"The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user," the advisory says. "If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.
An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." Microsoft is aware of 'limited targeted attacks' in the wild and working on a fix, but until a patch is released, affected users have been provided with workarounds and mitigation to prevent their vulnerable systems from cyberattacks.
The affected web browsing software includes — Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 running on all versions of Windows 10, Windows 8.1, and the recently-discontinued Windows 7.
Workarounds: Defend Against Attacks Until A Patch Arrives According to the advisory, preventing the loading of the JScript.dll library can manually block the exploitation of this vulnerability.
To restrict access to JScript.dll, run following commands on your Windows system with administrator privileges.
For 32-bit systems:
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
For 64-bit systems:
takeown / f% windir% \ syswow64 \ jscript.dll
cacls% windir% \ syswow64 \ jscript.dll / E / P everyone: N takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
When a patch update is available, users need to undo the workaround using the following commands:
For 32-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
For 64-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
cacls %windir%\syswow64\jscript.dll /E /R everyone
To be noted, some websites or features may break after disabling the vulnerable JScript.dll library that relies on this component, therefore, users should install updates as soon as they become available.
Mohit KumarHacker news
Αριθμοί υψηλής χρέωσης!!! Συχνές Ερωτήσεις Vodafone
Χρεώνομαι από ανεπιθύμητα πενταψήφια sms. Τι να κάνω;
Ενεργοποίησε άμεσα τη φραγή μέσα από τις ρυθμίσεις στο My Vodafone app.
Μπορείς επίσης να ζητήσεις από τον Tobi να ενεργοποιήσει τη φραγή για εσένα ή τηλεφωνικά από την εξυπηρέτηση στο 13830. Άλλος τρόπος είναι να επισκεφτείς ένα κατάστημα Vodafone.
Αν ενεργοποιήσεις τη φραγή σε αριθμούς που ξεκινούν από 19 ή/ και από 54, σου διασφαλίζουμε πως δε θα έχεις μελλοντικά σχετικές χρεώσεις. Αυτό ωστόσο δεν αποκλείει την ενεργοποίηση κάποιας άλλης υπηρεσίας προστιθέμενης αξίας ή χρέωση από αποστολή SMS, σε κάποιον αριθμό εκτός από όσους ξεκινούν από 19 ή από 54.
Τι είναι τα 5ψήφια SMS τρίτων εταιρειών;
Είναι υπηρεσίες περιεχομένου που παρέχονται από τρίτες εταιρίες οι οποίες είναι αποκλειστικά υπεύθυνες για το περιεχόμενο και τον τρόπο που τις παρέχουν.
Ποιο είναι το περιεχόμενο αυτών των υπηρεσιών;
Το περιεχόμενο αυτών των υπηρεσιών δεν είναι συγκεκριμένο. Ποικίλει ανάλογα την εταιρεία. Για παράδειγμα μπορεί να αφορά λήψη ενημερώσεων σχετικά με ζώδια ή με αθλητικά νέα.
Περισσότερα για το επίκαιρο θέμα εδώ: Συχνές Ερωτήσεις Vodafone
Thursday, January 16, 2020
Το νέο Microsoft Patch Tuesday διορθώνει και την ευπάθεια που εντοπίστηκε πρόσφατα στο CryptoAPI (Crypt32.dll) των Windows.
Microsoft Patch Tuesday Ιανουαρίου 2020: Διορθώνει 49 ευαπάθειες - https://www.secnews.gr/208236/microsoft-patch-efpatheies-diorthoseis-enimeroseis/
Posted by SecNews on Wednesday, January 15, 2020
Wednesday, January 15, 2020
Subscribe to:
Posts (Atom)