Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now

The Microsoft Defender ATP Research Team says that the BlueKeep attacks detected on November 2 are connected with a coin mining campaign from September that used the same command-and-control (C2) infrastructure. […] BleepingComputer

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Microsoft is warning once again of more BlueKeep attacks that could deliver disruptive payloads and urges organizations to patch their systems. Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit, the attack aimed at installing a cryptocurrency miner on the infected systems. The popular expert Kevin Beaumont observed some of its EternalPot RDP honeypots crashing after being […]

DHS Warns of Critical Flaws in Medtronic Medical Devices

Critical vulnerabilities impacting Medtronic Valleylab products could allow attackers to overwrite files and achieve remote code execution, the Department of Homeland Security (DHS) warns. read more SecurityWeek RSS Feed

Legacy app whitelist can be abused to bypass latest macOS security defenses, expert warns

Three words to ruin an Apple engineer’s day: ‘Patrick Wardle disclosure’ Malware can bypass protections in macOS Mojave, and potentially access user data as well as the webcam and mic – by exploiting a hole in Apple’s legacy app support.… The Register – Security

Microsoft Warns of Malspam Campaign Abusing Office Vulnerability to Distribute Backdoor

Microsoft is warning users to be on the lookout for a malspam campaign that’s abusing an Office vulnerability in order to distribute a backdoor. On 7 June, Microsoft Security Intelligence took to Twitter to raise awareness of the operation. The campaign, which remains active as of this writing, begins when users receive a malspam email […]