IT security

Tech Optimizer
February 21, 2025
Security researchers have identified a zero-day vulnerability in PostgreSQL, labeled CVE-2025-1094, which is believed to have contributed to the cyber breach of the US Treasury in December. The breach was initially attributed to the command injection vulnerability CVE-2024-12356 in the BeyondTrust Remote Support platform. Successful exploitation of CVE-2024-12356 required prior exploitation of CVE-2025-1094. Although BeyondTrust issued a patch for CVE-2024-12356 in December 2024, it did not resolve the underlying issue of CVE-2025-1094, leaving it a zero-day vulnerability until reported to PostgreSQL. Chinese hackers reportedly gained remote access to multiple workstations within the US Treasury, potentially compromising unclassified documents. The details of the accessed documents and the number of workstations involved are not disclosed. This incident is part of a broader pattern of cyber attacks linked to Chinese state-sponsored actors.
Winsage
February 5, 2025
Microsoft will cease support for Windows 10 in October 2025, meaning new security vulnerabilities will not be patched, increasing exposure to threats. Cybercriminals are expected to target Windows 10, which still has over 60% market share, making it an attractive target. ESET estimates that around 32 million PCs in Germany are still using Windows 10. Users can opt for the Extended Security Updates program for an additional cost, extending updates until October 2026, or use 0Patch for updates until 2030. Windows 10 IoT Enterprise LTSC 2021 will receive updates until 2032, but its use as an office PC is restricted. Users are encouraged to upgrade to Windows 11 where hardware compatibility exists for ongoing security updates and new features.
Winsage
December 27, 2024
Godeal24 is hosting a Christmas sale with significant discounts on Microsoft licenses. Office 2021 Pro is priced at €32.25 for a five-PC version, and the Office 2021 Pro Plus key is available for €35.24, reflecting a 90% discount. Office 2016 Pro Plus is offered at €15.29, while Windows 11 Pro is available for €13.25, and Windows 10 Pro for €8.25. Volume discounts for bulk purchases are also provided. Customers can use the discount code "CWALLETCO" during checkout for additional savings. Godeal24 offers digital delivery, 24/7 technical support, and a 98% Excellent rating on TrustPilot. Customers can contact service@godeal24.com for inquiries.
Winsage
December 21, 2024
Consumers are experiencing Christmas sales during the Black Friday shopping season, particularly on technology and software. Godeal24 is offering significant discounts on Microsoft products, including Windows 11 Pro for €13.25 and a 5 PC bundle for €10.63 per PC. Microsoft Office 2021 is available for €15.29, while the Office Professional 2021 version, which includes Microsoft Teams, costs €35.24. All software keys from Godeal24 are genuine, and the offers are time-sensitive. Godeal24 provides digital delivery of purchased software, has a 98% rating on TrustPilot, and offers technical support and lifetime after-sales service. Customers can contact Godeal24 at service@godeal24.com for inquiries.
Tech Optimizer
December 3, 2024
AV-Comparatives conducted an evaluation of phishing protection in 2024, examining 1,000 phishing URLs across four quarterly assessments. Avast and McAfee achieved detection rates of 95%, though McAfee had a higher incidence of false positives. The evaluation included various antivirus programs and web browsers, with Avast leading the final quarterly test with a 95% detection rate on 250 phishing URLs. Other notable performers included Bitdefender, Kaspersky, McAfee, and Trend Micro, with G Data and Kaspersky also scoring above 90%. Phishing remains a significant cyber threat, leading to potential financial losses and identity theft. AV-Comparatives is an independent testing laboratory recognized for its assessments of cybersecurity products.
Winsage
November 9, 2024
China's 11.11/11 Shopping Day, also known as Singles' Day, occurs annually on November 11 and is a major online shopping event that surpasses Black Friday and Cyber Monday. Godeal24 is participating this year, offering significant discounts on Microsoft products, such as Office 2021 Pro for €35.11 and Windows 11 Pro for €13.25. The upcoming Fall 2024 update for Windows 11, codenamed 24H2, will include various enhancements. Office 2024 is available with Office Home 2024 priced at €99.99 and Home and Business edition at €169.99, with a 30% discount available. Godeal24 provides digital delivery of software, a 98% TrustPilot rating, and 24/7 technical support. Customers can contact Godeal24 at service@godeal24.com for assistance.
Winsage
October 22, 2024
Proof-of-concept exploit code for a vulnerability in Microsoft's Remote Registry client, identified as CVE-2024-43532, has been made publicly available. This vulnerability allows unauthorized control over a Windows domain by compromising the authentication process. It exploits a fallback mechanism in the Windows Registry client that defaults to older transport protocols when SMB transport is unavailable, enabling attackers to relay NTLM authentication to Active Directory Certificate Services (ADCS) and obtain user certificates for further domain authentication. The vulnerability arises from the management of RPC authentication during fallback situations, where weaker authentication levels are used. An attacker can create new domain administrator accounts by intercepting the NTLM authentication handshake and forwarding it to another service. The vulnerability was reported by Akamai researcher Stiv Kupchik to Microsoft, which initially dismissed it as a documentation issue before confirming it and releasing a fix. The researcher recently presented a working proof-of-concept at the No Hat security conference, detailing the exploitation process. Akamai's report includes methods for detecting the vulnerability and monitoring RPC calls related to the WinReg RPC interface.
Tech Optimizer
October 22, 2024
Kaseya's 2024 Cybersecurity Survey Report highlights that 89% of IT professionals view human behavior as the primary threat to cybersecurity. Phishing scams impact 58% of businesses surveyed, while ransomware payouts have declined to 11% due to increased investments in backup and recovery technologies. Over 80% of respondents expect their IT security budgets to remain stable or grow, with planned investments in cloud security, automated penetration testing, and security awareness training. The survey indicates a rise in cyber insurance adoption, increasing from 27% to 61% in 2024. The sample primarily includes companies from North America, with a focus on those with annual revenues between USD million and USD million and employing 101 to 500 individuals.
Winsage
August 8, 2024
Software and operating system vendors are increasingly focused on enhancing cybersecurity due to the rapid exploitation of outdated software by threat actors. A significant example is the BlackLotus UEFI BootKit malware, which downgraded the Windows Boot Manager to a vulnerable version, allowing attackers to bypass Secure Boot and gain persistent access to systems. This malware can operate on fully patched Windows 11 systems, raising concerns about current security measures. Researchers discovered a critical flaw that allowed control over the Windows Update process, leading to the creation of a tool called Windows Downdate. This tool could downgrade updates and bypass verification steps, allowing the downgrading of critical OS components while the system falsely reported being fully updated. Key security features were also downgraded, exposing previously patched vulnerabilities and transforming them into zero-days. The Windows Update architecture involves an update client and server, with the client typically operating with Administrator privileges. The update process includes client requests, server validation, and execution of actions during system reboot. Investigation revealed that the Trusted Installer was not enforced on a specific registry key, allowing for manipulation of update actions. The attack methodology did not require malicious elevation of Trusted Installer privileges and relied on setting the Trusted Installer service to Auto-Start, modifying the registry, and including the pending.xml identifier without enforcement. The attack was undetectable, allowing the system to appear fully updated despite downgrades. Actions performed during the attack cannot be reversed, and Microsoft has issued two CVEs in response to these vulnerabilities, acknowledging the work of SafeBreach in identifying them.
Winsage
August 7, 2024
Google has released a security update for its Chrome browser, version 127.0.6533.99/.100 for Windows and Mac, and 127.0.6533.99 for Linux, announced on August 6, 2024. The update addresses several high-severity vulnerabilities, including:
- CVE-2024-7532: Out-of-bounds memory access in ANGLE.
- CVE-2024-7533: Use-after-free vulnerability in the Sharing feature.
- CVE-2024-7550: Type confusion flaw in the V8 JavaScript engine.
- CVE-2024-7534: Heap buffer overflow in the Layout component.
- CVE-2024-7535: Inappropriate implementation in V8.
- CVE-2024-7536: Use-after-free vulnerability in WebAudio.
Google has not disclosed specific details about the vulnerabilities to prevent further exploitation. Security researchers who reported these vulnerabilities received bug bounties, including ,000 for the Sharing vulnerability. Users are encouraged to update their Chrome browsers to ensure protection against potential attacks. The update process involves navigating to Help > About Google Chrome, where Chrome will check for updates automatically.