Why Zero Trust Should be the Foundation of Your Cybersecurity Ecosystem

For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external cybercriminals, cyberterrorists, or rogue nation-states. But not anymore. Threats from within organizations – also known as “insider threats” – are increasing and cybersecurity practitioners are feeling the pain.  Traditional

LastPass source code breach – incident response report released

Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

Microsoft's Latest Security Update Fixes 64 New Flaws, Including a Zero-Day

Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks. Of the 64 bugs, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to 16 vulnerabilities that Microsoft addressed in its

Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability

A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites. Tracked as CVE-2022-3180 (CVSS score: 9.8), the issue is being weaponized to add a malicious administrator user to sites running the WPGateway plugin, WordPress security company Wordfence

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier CVE-2022-32917, is rooted in the Kernel component and could enable a malicious app to execute arbitrary code with kernel privileges. "Apple is aware of a report that this issue may

Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts

A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed. "This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information," it said. BackupBuddy allows users to back up their entire WordPress installation from within the

Chrome and Edge fix zero-day security hole – update now!

This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The shortcoming, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. WebKit is the

URGENT! Apple slips out zero-day update for older iPhones and iPads

Patch as soon as you can - that recent WebKit zero-day affecting new iPhones and iPads is apparently being used against older models, too.

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

Update Chrome Now To Patch Actively Exploited Zero Day

Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on

Microsoft Patches Dogwalk Zero Day And 17 Critical Flaws

S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

Latest episode - listen now!

Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits

A cyber mercenary that "ostensibly sells general security and information analysis services to commercial customers" used several Windows and Adobe zero-day exploits in limited and highly-targeted attacks against European and Central American entities. The company, which Microsoft describes as a private-sector offensive actor (PSOA), is an Austria-based outfit called DSIRF that's linked to the

Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand

Thai activists involved in the country's pro-democracy protests have had their smartphones infected with NSO Group's infamous Pegasus government-sponsored spyware. At least 30 individuals, spanning activists, academics, lawyers, and NGO workers, are believed to have been targeted between October 2020 and November 2021, many of whom have been previously detained, arrested and imprisoned for their

Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout

Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the tech giant are two other bugs in the Chromium-based Edge browser, one

Google patches “in-the-wild” Chrome zero-day – update now!

Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

Latest episode - listen (or read) now!

Atlassian announces 0-day hole in Confluence Server – update now!

Zero-day announced - here's what you need to know

Mysterious “Follina” zero-day hole in Office – here’s what to do!

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

Apple patches zero-day kernel hole and much more – update now!

You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.

GitHub issues final report on supply-chain source code intrusions

Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.

Apple pushes out two emergency 0-day updates – get ’em now!

More Apple zero-days - mobile devices, laptops and desktops affected. Update now!

Google Chrome patches mysterious new zero-day bug – update now

CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!

Firefox patches two actively exploited 0-day holes: update now!

Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!

Google announces zero-day in Chrome browser – update now!

Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"

Adobe fixes zero-day exploit in e-commerce code: update now!

There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it.

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

Latest episode - listen now!

Check your patches – public exploit now out for critical Exchange bug

It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.

Apple ships Monterey with security updates, fixes 0-day in Watch and TV products, updates iDevices

A slew of security bulletins from Apple HQ, including 37 bugs listed as fixed in the initial public release of macOS Monterey.

S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]

Latest episode - listen now!

Microsoft Urges Customers to Update Windows as Soon as Possible

What happened  

Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system.  

How does this affect you?  

PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts.  

How to fix the issue

Microsoft recommends Windows 10, 8.1, and 7 users update their computers through Windows Update as soon as possible. Note that an additional patch will likely be required to fully fix the issue, so expect another update prompt from Microsoft in the days to come. 

Additional protection 

For extra protection against malware that may result from a hack like this one, we recommend an all-in-one security solution, like McAfee Total Protection or McAfee LiveSafe. If a hacker takes advantage of the exploit and tries to install additional malware, McAfee Total Protection/LiveSafe can help protect against those attempts. Learn more about our online security products here. 

An alternate solution for tech-savvy Windows users 

PrintNightmare exploits a vulnerability in the Windows Print Spooler service. The step-by-step instructions below will guide you through turning off the service to ensure hackers can no longer exploit the security flaw. The Print Spooler will remain off until the PC is rebooted.   

Step 1: Press the Windows key, and type Services, clicking on the Services App 

Step 2: Scroll down to the Print Spooler Service 

Step 3: Right-click on the Print Spooler Service and click Stop. 

The post Microsoft Urges Customers to Update Windows as Soon as Possible appeared first on McAfee Blogs.