APT Hackers Group Exploiting the Windows OS Using New Zero Day

A Zero-Day in Windows OS is currently being exploited in the wild, and aspiring APT groups have been hot on its trail. A fairly new APT group, designated "SandCat", has been utilizing the Zero-Day for quite some time. This group was originally observed engaging in activity in 2018, but according to speculation, they may have been around for some time.

The Zero-Day, designated CVE-2019-0797, is a vulnerability located in the win32k driver, caused by a bad sync between two undocumented syscalls.

Researchers from Kaspersky Lab had this to say in regards to the Zero-Day:

      “The problem lies in the fact that when the syscalls NtDCompositionDiscardFrame and NtDCompositionDestroyConnection are executed simultaneously, the function DiscardAllCompositionFrames may be executed at a time when the NtDCompositionDiscardFrame syscall is already looking for a frame to release or has already found it. This condition leads to a use-after-free scenario.”

     Microsoft has urged all Windows users to update their systems with the latest patch for this vulnerability. 

     Original article can be found here. 


      That was the news folks, have a good week, and stay safe out there.


     --Mad-Architect
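
The interleaving described in the quoted analysis, replayed deterministically in a toy C model. This is an added example, not win32k code and not the vendor's patch; the names `frame`, `connection`, `replay` and the lock-based guard are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#define MAX_FRAMES 4

/* Toy model: slots are never really freed, so a stale pointer can be
 * detected through the 'live' flag instead of touching freed memory. */
struct frame { int id; bool live; };
struct connection { struct frame frames[MAX_FRAMES]; bool locked; };

/* Step 1 of the "discard one frame" path: look the frame up. */
static struct frame *find_frame(struct connection *c, int id) {
    for (int i = 0; i < MAX_FRAMES; i++)
        if (c->frames[i].live && c->frames[i].id == id) return &c->frames[i];
    return NULL;
}

/* Teardown path: releases every frame. With honor_lock set it refuses to
 * run while the lock is held (a real lock would block instead). */
static bool discard_all(struct connection *c, bool honor_lock) {
    if (honor_lock && c->locked) return false;
    for (int i = 0; i < MAX_FRAMES; i++) c->frames[i].live = false;
    return true;
}

/* Step 2 of the "discard one frame" path: -1 means the frame was already
 * released by the other path, i.e. where the use-after-free would occur. */
static int release_frame(struct frame *f) {
    if (f == NULL || !f->live) return -1;
    f->live = false;
    return 0;
}

/* Replays the order from the quote: lookup, teardown, release. */
static int replay(bool guarded) {
    struct connection c = { .locked = guarded };  /* lock spans lookup + release */
    for (int i = 0; i < MAX_FRAMES; i++) c.frames[i] = (struct frame){ i + 1, true };
    struct frame *f = find_frame(&c, 2);
    bool tore_down = discard_all(&c, guarded);    /* second call arrives here */
    int rc = release_frame(f);
    c.locked = false;
    if (!tore_down) discard_all(&c, guarded);     /* deferred teardown now runs */
    return rc;
}

int main(void) { printf("unguarded=%d guarded=%d\n", replay(false), replay(true)); return 0; }
```

Without the guard the release step sees a frame that teardown already released; with lookup and release under one lock, teardown is deferred and the release is valid.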