Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.
Here are the most interesting articles we’ve found this week that could be helpful to you:
We spend a lot of time making sure Microsoft Windows machines are patched to protect from known vulnerabilities. With this attack malicious actors can roll back previously patched software to take advantage of vulnerabilities.
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to “unpatch” fully updated Windows 10, Windows 11, and Windows Server systems and reintroduce old vulnerabilities.
No known exploits are currently in the wild but the security researcher was able to create a working proof of concept. Microsoft is working on a security patch to mitigate this attack.
Microsoft’s NTLM has had a troubled past. Tons of exploitable flaws, unsalted hashes, and continued use after the clear successor has been anointed. Unfortunately we will be left dealing with these types of issues for the foreseeable future.
The good new here is that this vulnerability has a decent mitigation while we wait for Microsoft to issue a patch.
In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability
This flaw isn’t currently being exploited but has been tagged as “highly probable” to be exploited.