Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.
Microsoft Issues ‘Important’ Security Fix for Azure AD Connect
Microsoft is warning customers of an “important” update to its Azure AD Connect service that could allow for an elevation of privilege attack against affected systems.
Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
Google Project Zero’s Tavis Ormandy found another remote code execution vulnerability in the Microsoft Malware Protection Engine, the third since early May.
Threatpost News Wrap, June 23, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab’s latest report, WannaCry hitting Honda, GhostHook, and Fireball.
GhostHook Attack Bypasses Windows 10 PatchGuard
Researchers at CyberArk have developed a bypass for Windows PatchGuard that leverages Intel’s Processor Trace (Intel PT) technology to execute code at the kernel.
Microsoft Says Fireball Threat ‘Overblown’
Check Point has toned down its initial estimates on the number of Fireball malware infections from 250 million machines and 20 percent of corporate networks to 40 million computers.
Phishing campaign spoofs online auto brand, exposes stolen passwords
It’s bad enough to be caught by an SMS phishing scam – but when the bad guys expose your stolen account details to the world, that really rubs salt into the wound
Microsoft Admits Disabling Anti-Virus Software For Windows 10 Users
An anonymous reader quotes a report from the BBC: Microsoft has admitted that it does temporarily disable anti-virus software on Windows PCs, following an competition complaint to the European Commission by a security company. In early June, Kaspersky Lab filed…
Microsoft Extends Edge Bug Bounty Program Indefinitely
Microsoft said Wednesday it would extend its Edge bug bounty program indefinitely.
News in brief: WannaCry knocks out Honda plant; Skype hit by global outage; NSA shares tools on GitHub
Your daily round-up of some of the other stories in the news