Afternoon Dessert – 2022-12-14


Welcome to another Afternoon Dessert breakout:

Microsoft fixes Windows Server issue causing freezes, restarts
Microsoft has addressed an LSASS memory leak issue on some domain controllers that led to freezes and restarts after installing Windows Server updates released during last month’s Patch Tuesday. […]
Read more….

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems
Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware.
The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected.
Cryptographically signing malware is
Read more….

Why PCI DSS 4.0 Should Be on Your Radar in 2023
Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS), created by leading credit card companies, establishes best practices for protecting consumers’ information. By adhering to these standards, businesses can ensure that their customer’s personal and financial information is secure. 
Read more….

Open-source repositories flooded by 144,000 phishing packages
Unknown threat actors have uploaded a total of 144,294 phishing-related packages on the open-source package repositories NuGet, PyPI, and NPM. […]
Read more….

New GoTrim Botnet Attempting to Break into WordPress Sites’ Admin Accounts
A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems.
“This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ‘:::trim:::’ to split data communicated to and from the C2 server,” Fortinet FortiGuard Labs researchers
Read more….

The Dark Web is Getting Darker – Ransomware Thrives on Illegal Markets
The dark web is getting darker as cybercrime gangs increasingly shop their malware, phishing, and ransomware tools on illegal cybercrime markets. […]
Read more….

NSA shares tips on mitigating 5G network slicing threats
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI), have published a joint report that highlights the most likely risks and potential threats in 5G network slicing implementations. […]
Read more….

Microsoft: Windows 10 21H1 has reached end of servicing
Multiple editions of Windows 10 21H1 have reached their end of service (EOS) on this month’s Patch Tuesday, as Microsoft reminded customers yesterday. […]
Read more….

VMware fixes critical ESXi and vRealize security flaws
VMware released security updates to address a critical-severity vulnerability impacting ESXi, Workstation, Fusion, and Cloud Foundation, and a critical-severity command injection flaw affecting vRealize Network Insight. […]
Read more….

Microsoft patches Windows zero-day used to drop ransomware
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver payloads in Magniber ransomware attacks.  […]
Read more….

Follow for more…


Create a website or blog at

%d bloggers like this: