Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.
The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office –
Microsoft Office 2016 for 32-bit edition and 64-bit editions
Microsoft
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-10 06:06:532024-08-10 06:06:53Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 23:06:342024-08-09 23:06:34Google Researchers Found Nearly a Dozen Flaws in Popular Qualcomm Software for Mobile GPUs
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences.
“The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 23:06:342024-08-09 23:06:34Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 22:06:522024-08-09 22:06:52Intel has news – good, bad and ugly – about Raptor Lake bug patch. Here’s what to know
Businesses in China, the U.K. and the U.S. are using generative AI more than Australia. But the Aussies lead in understanding, planning for, and implementing generative AI use policies.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 20:06:432024-08-09 20:06:43Australian Enterprises Coming 4th in 2024 Global Survey of Generative AI Usage
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 20:06:432024-08-09 20:06:43Vectra AI Expands XDR Platform to Deliver a Real-Time View of Active Posture to Monitor Exposure to Attackers
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 20:06:432024-08-09 20:06:43WiCyS and ISC2 Launch Fall Camp for Cybersecurity Certification
Discover the difference between types of IVR testing tools, ensuring optimal performance and security for your business phone system. Plus, we’ll show you when to DIY or call in the pros.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 19:06:512024-08-09 19:06:515 Types of IVR Testing Tools and When To Use Each
Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).
“This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 19:06:512024-08-09 19:06:51Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
Six vulnerabilities in ATM-maker Diebold Nixdorf’s popular Vynamic Security Suite could have been exploited to control ATMs using “relatively simplistic attacks.”
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-09 19:06:502024-08-09 19:06:50Flaws in Ubiquitous ATM Software Could Have Let Attackers Take Over Cash Machines
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches
/in General NewsMicrosoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.
The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office –
Microsoft Office 2016 for 32-bit edition and 64-bit editions
Microsoft
The Hacker News – Read More
Google Researchers Found Nearly a Dozen Flaws in Popular Qualcomm Software for Mobile GPUs
/in General NewsThe vulnerabilities, which have been patched, may have novel appeal to attackers as an avenue to compromising phones.
Security Latest – Read More
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
/in General NewsCybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences.
“The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data
The Hacker News – Read More
Intel has news – good, bad and ugly – about Raptor Lake bug patch. Here’s what to know
/in General NewsUsers must download and install a BIOS update as the patch won’t be made available via Windows Update.
Latest stories for ZDNET in Security – Read More
Australian Enterprises Coming 4th in 2024 Global Survey of Generative AI Usage
/in General NewsBusinesses in China, the U.K. and the U.S. are using generative AI more than Australia. But the Aussies lead in understanding, planning for, and implementing generative AI use policies.
Security | TechRepublic – Read More
Vectra AI Expands XDR Platform to Deliver a Real-Time View of Active Posture to Monitor Exposure to Attackers
/in General NewsPost Content
darkreading – Read More
WiCyS and ISC2 Launch Fall Camp for Cybersecurity Certification
/in General NewsPost Content
darkreading – Read More
5 Types of IVR Testing Tools and When To Use Each
/in General NewsDiscover the difference between types of IVR testing tools, ensuring optimal performance and security for your business phone system. Plus, we’ll show you when to DIY or call in the pros.
Security | TechRepublic – Read More
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
/in General NewsMicrosoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).
“This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information
The Hacker News – Read More
Flaws in Ubiquitous ATM Software Could Have Let Attackers Take Over Cash Machines
/in General NewsSix vulnerabilities in ATM-maker Diebold Nixdorf’s popular Vynamic Security Suite could have been exploited to control ATMs using “relatively simplistic attacks.”
Security Latest – Read More