On December 10, 2024, Microsoft disclosed a critical vulnerability in its Windows Remote Desktop Services, tracked as CVE-2024-49115. This security flaw allows attackers to execute remote code on affected systems, posing a severe threat to confidentiality, integrity, and availability. The vulnerability has been classified as critical, with a CVSS score of 8.1. #Windows #RDP #vulnerabilities #security
Eric Stylemans’ Post
More Relevant Posts
-
Critical security issues, associated with System credentials leak and Local Private Key Leak, have been discovered in Gnome Remote Desktop in Linux distributions. GNOME desktop manager was equipped with a new feature which allowed remote users to create graphical sessions on the system by configuring the system daemon. This daemon runs as a dedicated “gnome-remote-desktop” and also provides a D-bus interface on the D-bus system bus. These features have been introduced in GNOME remote desktop version 46 along with several other system services. However, some of the new system services were discovered with some critical security issues in which one of them was associated with System credentials leak and Local Private Key Leak... #informationsecurity #cybersecurity #security #infosec #linux #vulnerability #gnome #dataleak #alert
GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials
https://gbhackers.com
To view or add a comment, sign in
-
read login..
Cybersecurity | Instructor | Mentor | I assist people and organizations in staying ahead of cybercriminals | Spiritual Guru
Critical security issues, associated with System credentials leak and Local Private Key Leak, have been discovered in Gnome Remote Desktop in Linux distributions. GNOME desktop manager was equipped with a new feature which allowed remote users to create graphical sessions on the system by configuring the system daemon. This daemon runs as a dedicated “gnome-remote-desktop” and also provides a D-bus interface on the D-bus system bus. These features have been introduced in GNOME remote desktop version 46 along with several other system services. However, some of the new system services were discovered with some critical security issues in which one of them was associated with System credentials leak and Local Private Key Leak... #informationsecurity #cybersecurity #security #infosec #linux #vulnerability #gnome #dataleak #alert
GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials
https://gbhackers.com
To view or add a comment, sign in
-
read login .
Cybersecurity | Instructor | Mentor | I assist people and organizations in staying ahead of cybercriminals | Spiritual Guru
Critical security issues, associated with System credentials leak and Local Private Key Leak, have been discovered in Gnome Remote Desktop in Linux distributions. GNOME desktop manager was equipped with a new feature which allowed remote users to create graphical sessions on the system by configuring the system daemon. This daemon runs as a dedicated “gnome-remote-desktop” and also provides a D-bus interface on the D-bus system bus. These features have been introduced in GNOME remote desktop version 46 along with several other system services. However, some of the new system services were discovered with some critical security issues in which one of them was associated with System credentials leak and Local Private Key Leak... #informationsecurity #cybersecurity #security #infosec #linux #vulnerability #gnome #dataleak #alert
GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials
https://gbhackers.com
To view or add a comment, sign in
-
Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams: Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerability Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered. Black Basta operators phish employees via Microsoft Teams Black Basta ransomware affiliates are still trying to trick … More → The post Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams appeared first on Help Net Security.
Week in review: Windows Themes spoofing bug "returns", employees phished via Microsoft Teams - Help Net Security
https://www.helpnetsecurity.com
To view or add a comment, sign in
-
Atlassian Sourcetree For Mac & Windows Flaw Let Attackers Execute Remote Code A critical security vulnerability has been discovered in Atlassian’s popular version control client, Sourcetree, affecting both Mac and Windows versions. The flaw, identified as CVE-2024-21697, allows unauthenticated attackers to execute arbitrary code remotely, posing a significant risk to users. The vulnerability, which carries a high severity rating with a CVSS score of 8.8, was introduced in Sourcetree for Mac version 4.2.8 and Sourcetree for Windows version 3.4.19. This remote code execution (RCE) flaw has the potential to compromise the confidentiality, integrity, and availability of affected systems. Security researchers have warned that successful exploitation of this vulnerability could grant attackers complete control over the targeted systems. Atlassian, the company behind Sourcetree, has responded swiftly to the security threat. They have released patches to address the vulnerability and are strongly urging all users to update their software immediately. Stay Connected to Sidharth Sharma, CPA, CISA, CISM, CFE, CDPSE for content related to Cyber Security. #CyberSecurity #JPMC #Technology #InfoSec #DataProtection #DataPrivacy #ThreatIntelligence #CyberThreats #NetworkSecurity #CyberDefense #SecurityAwareness #ITSecurity #SecuritySolutions #CyberResilience #DigitalSecurity #SecurityBestPractices #CyberRisk #SecurityOperations
Atlassian Sourcetree For Mac & Windows Flaw Let Attackers Execute Remote Code
https://cybersecuritynews.com
To view or add a comment, sign in
-
🚨 Critical Windows Vulnerability Alert: Remote Registry at Risk! 🛡️ A severe Elevation of Privilege (EoP) flaw has been uncovered in Windows Remote Registry client. Here's the crucial information: ## Vulnerability Overview • CVE ID: CVE-2024-43532 • Severity: Critical (CVSS 8.8) • Key Impact: NTLM authentication relay possible ## Attack Vector • Exploits WinReg client fallback mechanism • Leverages legacy, insecure transport protocols • Enables interception of authentication data ## Security Implications • Potential domain-wide identity impersonation • Unauthorized access to mission-critical systems • Creation of persistent privileged accounts ## Mitigation Strategies • Urgent deployment of October 2024 security patch • Enhanced monitoring of network activities • Comprehensive review and update of authentication protocols 🔍 This discovery highlights the critical need for vigilant patch management and ongoing vulnerability assessment in enterprise environments. #cybersecurity #cybersécutité #vulnerability #CybersecurityAlert #WindowsVulnerability #ITSecurity #ThreatMitigation #PatchManagement #NetworkSecurity #PrivilegeEscalation #CyberDefense #InfoSecAwareness #EnterpriseSecurity For in-depth technical analysis, visit: https://lnkd.in/eYwB2xEG
Windows Remote Registry Client EoP Flaw Exposes Systems to Relay Attacks
https://cybersecuritynews.com
To view or add a comment, sign in
-
🚨 Windows Security Alert: Critical Flaw in Remote Registry! 🛡️ A major Elevation of Privilege (EoP) vulnerability has been discovered in the Windows Remote Registry client. Here's what you need to know: ## Vulnerability Details • Identifier: CVE-2024-43532 • CVSS Score: 8.8 (Critical) • Impact: Enables NTLM authentication relay ## Exploitation Mechanism • Uses a fallback mechanism in the WinReg client • Exploits obsolete transport protocols • Allows interception of authentication metadata ## Potential Risks • Identity spoofing within a domain • Unauthorized access to critical systems • Creation of persistent administrator accounts ## Recommended Actions • Immediately apply the October 2024 patch • Strengthen network activity monitoring • Update authentication policies 🔍 This discovery underscores the crucial importance of proactive patch management and continuous vulnerability monitoring. #cybersecurity #cybersécurité #vulnerability #WindowsSecurity #VulnerabilityManagement #CyberThreat #InfoSec #PatchManagement #CyberRisk #ITSecurity #NTLMRelay #PrivilegeEscalation #CyberAttack For more technical details, visit: https://lnkd.in/eYwB2xEG
Windows Remote Registry Client EoP Flaw Exposes Systems to Relay Attacks
https://cybersecuritynews.com
To view or add a comment, sign in
-
Excited to share my recent experience with leveraging SSH (Secure Shell) for secure and efficient remote management of company servers! In my current role, ensuring the security and integrity of our data is paramount. By using SSH, I've been able to: Enhance Security: SSH provides a secure channel over an unsecured network, protecting sensitive information from unauthorized access. Streamline Remote Management: Easily manage and configure servers remotely, boosting productivity and efficiency. Automate Tasks: Use SSH for scripting and automation, reducing manual intervention and minimizing errors. Improve Collaboration: Facilitate secure access for team members, enabling seamless collaboration across different locations. Implementing SSH has significantly improved our operational efficiency and security posture. Looking forward to exploring more innovative solutions to drive our projects forward! #SSH #CyberSecurity #RemoteManagement #ITInfrastructure #TechInnovation #backend #servers
To view or add a comment, sign in
-
Urgent Update: Microsoft Patch Tuesday Fixes Critical MSMQ Bug Microsoft has rolled out fixes for 49 vulnerabilities in the latest Patch Tuesday security update, including a critical bug in Microsoft Message Queuing -MSMQ- technology. This vulnerability - with a CVSS score of 9.8 out of 10 - could allow remote code execution -RCE- and potentially enable server takeover. The bug is remotely exploitable, requires no user interaction, and has high impacts on confidentiality, integrity, and availability. Attackers can exploit this by sending a specially crafted MSMQ packet. To check for vulnerability, ensure the 'Message Queuing' service is not running and that TCP port 1801 is closed. The vulnerability impacts all versions of Windows from Windows Server 2008 and Windows 10. Given the potential threat this bug poses, it's crucial to apply these patches immediately. Are your systems up-to-date with this critical fix? CVSS - Common Vulnerability Scoring System: A standard for assessing the severity of computer system security vulnerabilities. RCE - Remote Code Execution: A type of attack that allows attackers to run arbitrary code on a remote device. #CyberSecurity, #MicrosoftUpdate, #PatchTuesday, #MSMQ, #RCE, #ServerSecurity, #TechNews, #WindowsUpdate, #CyberThreats, #Infosec Source: https://lnkd.in/e9YXEKfu, Jai Vijayan, Contributing Writer
To view or add a comment, sign in
-
Windows Remote Registry Client EoP Flaw Exposes Systems to Relay Attacks: A critical elevation of privilege (EoP) vulnerability, identified as CVE-2024-43532, has been discovered in the Windows Remote Registry client. This vulnerability potentially allows attackers to relay NTLM authentication and gain unauthorized access to Windows systems. It carries a high CVSS score of 8.8 and affects all unpatched Windows versions. Akamai researcher Stiv Kupchik uncovered the […] The post Windows Remote Registry Client EoP Flaw Exposes Systems to Relay Attacks appeared first on Cyber Security News. #CyberSecurity #InfoSec
Windows Remote Registry Client EoP Flaw Exposes Systems to Relay Attacks
https://cybersecuritynews.com
To view or add a comment, sign in