News APT Hackers Group Exploiting the Windows OS Using New Zero Day
A Zero-Day in Windows OS is currently being exploited in the wild, and aspiring APT groups have been hot on its trail. A fairly new APT group, designated "SandCat", has been utilizing the Zero-Day for quite some time. This group was originally observed engaging in activity in 2018, but according to speculation, they may have been around for some time.

The Zero-Day, designated CVE-2019-0797, is a vulnerability located in the win32k driver, caused by a bad sync between two undocumented syscalls.

Researchers from Kaspersky Lab had this to say in regard to the Zero-Day:

“The problem lies in the fact that when the syscalls NtDCompositionDiscardFrame and NtDCompositionDestroyConnection are executed simultaneously, the function DiscardAllCompositionFrames may be executed at a time when the NtDCompositionDiscardFrame syscall is already looking for a frame to release or has already found it. This condition leads to a use-after-free scenario.”

Microsoft has urged all Windows users to update their systems with the latest patch for this vulnerability.

Original article can be found here.

That was the news, folks. Have a good week, and stay safe out there.

--Mad-Architect
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
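The race quoted in the post above, as an added example that is not part of the original post and is not win32k code: a deterministic user-mode model in which a "discard" path finds a frame, a "destroy" path frees all frames, and the discard path then releases what it found. All names (`discard_find`, `discard_release`, `destroy_all`, `race_hits_stale_frame`) are hypothetical, and the lock shown is a generic way to close this class of race, not a description of Microsoft's patch.

```c
#include <stdbool.h>
#include <stdio.h>
#define NFRAMES 3

/* Toy user-mode model (assumption), not win32k code. live=false stands in
 * for freed memory so the stale access is detected, never performed. */
struct frame { int id; bool live; };
struct conn  { struct frame pool[NFRAMES]; bool lock_held; };

/* Discard path, step 1: look up the frame to release. */
static struct frame *discard_find(struct conn *c, int id, bool use_lock) {
    if (use_lock) c->lock_held = true;   /* held across find AND release */
    for (int i = 0; i < NFRAMES; i++)
        if (c->pool[i].live && c->pool[i].id == id) return &c->pool[i];
    return NULL;
}

/* Discard path, step 2: release it. Returns true if the frame found in
 * step 1 was freed in the meantime (the use-after-free condition). */
static bool discard_release(struct conn *c, struct frame *f, bool use_lock) {
    bool stale = (f != NULL && !f->live);
    if (f != NULL) f->live = false;
    if (use_lock) c->lock_held = false;
    return stale;
}

/* Destroy path: frees every frame; returns false if it has to wait. */
static bool destroy_all(struct conn *c) {
    if (c->lock_held) return false;
    for (int i = 0; i < NFRAMES; i++) c->pool[i].live = false;
    return true;
}

/* Forces the order find -> destroy -> release described in the quote. */
bool race_hits_stale_frame(bool use_lock) {
    struct conn c = { .lock_held = false };
    for (int i = 0; i < NFRAMES; i++) c.pool[i] = (struct frame){ i, true };
    struct frame *f = discard_find(&c, 1, use_lock);
    bool destroyed = destroy_all(&c);    /* the concurrent destroy call */
    bool stale = discard_release(&c, f, use_lock);
    if (!destroyed) destroy_all(&c);     /* blocked destroy runs after unlock */
    return stale;
}

int main(void) {
    printf("unsynchronised: stale=%d\n", race_hits_stale_frame(false));
    printf("with lock:      stale=%d\n", race_hits_stale_frame(true));
    return 0;
}
```

Without the lock the release step operates on a frame the destroy path has already freed; with the lock held across lookup and release, the destroy path waits and the stale reference never arises.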