MS06-042 reloaded

A couple of days ago we reported on a problem with the MS06-042 patch which was released earlier this month. Microsoft created a hotfix for the problem and announced that the patch would be re-released. However, a couple of days ago, the company announced that the updated patch could only be released once final testing was completed.

Well, now it is. You can find the re-released patch here. This fixes a critical vulnerability, remember, so it’s important to download and install the update as soon as possible.
