tech
Windows security alert.
Government and private sector cybersecurity experts are alerting Windows users to hackers exploiting software vulnerabilities.
Published August 6, 2024 at 5:07pm by James Powel
New Vulnerabilities in Windows 10 Expose Users to Attacks
- The US Cybersecurity and Infrastructure Security Agency (CISA) has listed a Windows 10 vulnerability that could lead to remote code execution and privilege escalation.
- The vulnerability, CVE-2018-0824, is unknown to have been used in ransomware campaigns, but a recent report by CISCO Talos suggests a Chinese hacking group exploited it to attack a Taiwanese government research center.
- CISA's listing advises users to stop using the software or apply a patch, while also providing a Known Exploited Vulnerability Catalog for reference.
- In unrelated news, threat intelligence agency FortiGuard Labs has warned of an increase in malware attacks using SnakeKeylogger, targeting Windows users' credentials and keystrokes.
- This malware was originally sold on Russian crime forums and became a significant threat in 2020.
- Check Point Research, a cybersecurity firm, warned in 2022 that SnakeKeylogger is often spread through docx, xlsx, and PDF files with malicious macros.
- The warnings follow the "Crowdstrike outage" in July, where a Windows software update caused device failures.
Sources/URLs:
- CISA Listing: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- CISCO Talos Report: https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/
- The Register Article: https://www.theregister.com/2024/08/05/snakekeylogger_malware_windows/
- Check Point Research: https://blog.checkpoint.com/security/may-2022s-most-wanted-malware-snake-keylogger-returns-to-the-index-in-eighth-place-following-email-campaigns-delivering-the-malware-via-pdf-files/
Read more: 'Criminals are preying on Windows users': Software subject of CISA, cybersecurity warnings