Cross-Site Scripting (XSS) is alive and well, and used in attacks to obfuscate malicious links in phishing emails to redirect users to threat-actor controlled websites. We saw earlier this year that phishing attacks leveraging XSS were on the rise. Now, new scams are using XSS to hide their malicious intent within emails, according to new analysis from cybersecurity vendor INKY. These attacks usually begin with an email stating the victim has won something, as shown below: Source: INKY.

Read also: Police dismantle the Radar/Dispossessor ransomware group, a data broker gets a prison sentence, and more.

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.

The article released on August 13, 2024 regarding the security update for Windows 11 for hot fix KB5041571 discusses the new features and improvements to the operating system. The security update includes changes to the lock screen, NetJoinLegacyAccountReuse, Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI), and Domain Name System (DNS). The article also includes a servicing stack update to improve the reliability of the Windows update process.

The 2024 Olympics are in full swing, and everyone at Snyk is excited to tune into the games and cheer on our respective countries’ athletes. There’s a lot to love about the Olympics — dazzling opening ceremonies, heart-racing feats, close-call victories, and so much more. But along with all the fun and excitement comes a sense of inspiration.

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics. According to Coveware’s Q2 2024 Ransomware Quarterly Report, we see a few interesting trends: A new data point brought to light this quarter is the data exfiltration only (DXF) payment trend, which is relatively flat despite fluctuating between 53% in Q1 of 2022 when tracking began, down to a low of 23% in Q1 of this year.

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.

Black Hat 2024 has come and gone. The Nucleus team attending the show has (mostly) caught up on their sleep, which can mean one thing – a look back at the conference and our impressions of the event.

Recently, CrowSec security researchers published a proof of concept (PoC) for a critical remote code execution (RCE) vulnerability in Windows Server (CVSS score 9.8), ranging all the way from Windows Server 2000 up to 2025. The vulnerable component is the Remote Desktop Licensing service, often deployed and enabled on Windows Servers using Remote Desktop Services. The exploit is a 0-click pre-auth exploitation, meaning no user interaction or authentication details are necessary.