New Vulnerabilities in Windows 10 Expose Users to Attacks

• The US Cybersecurity and Infrastructure Security Agency (CISA) has listed a Windows 10 vulnerability that could lead to remote code execution and privilege escalation.
• The vulnerability, CVE-2018-0824, is unknown to have been used in ransomware campaigns, but a recent report by CISCO Talos suggests a Chinese hacking group exploited it to attack a Taiwanese government research center.
• CISA's listing advises users to stop using the software or apply a patch, while also providing a Known Exploited Vulnerability Catalog for reference.
• In unrelated news, threat intelligence agency FortiGuard Labs has warned of an increase in malware attacks using SnakeKeylogger, targeting Windows users' credentials and keystrokes.
• This malware was originally sold on Russian crime forums and became a significant threat in 2020.
• Check Point Research, a cybersecurity firm, warned in 2022 that SnakeKeylogger is often spread through docx, xlsx, and PDF files with malicious macros.
• The warnings follow the "Crowdstrike outage" in July, where a Windows software update caused device failures.

Sources/URLs:

• CISA Listing: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
• CISCO Talos Report: https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/
• The Register Article: https://www.theregister.com/2024/08/05/snakekeylogger_malware_windows/
• Check Point Research: https://blog.checkpoint.com/security/may-2022s-most-wanted-malware-snake-keylogger-returns-to-the-index-in-eighth-place-following-email-campaigns-delivering-the-malware-via-pdf-files/