The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Data breach, Stealthy malware, Vulnerabilities and Web skimmers. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Micropatching Unpatched Local Privilege Escalation in Mobile Device Management Service (CVE-2021-24084 / 0day)
(published: November 26, 2021)
0patch Team released free, unofficial patches to protect Windows 10 users from a local privilege escalation (LPE) zero-day vulnerability in the Mobile Device Management Service. The security flaw resides under the "Access work or school" settings, and it bypasses a patch released by Microsoft in February to address an information disclosure vulnerability tracked as CVE-2021-24084. Security researcher Abdelhamid Naceri discovered this month that the incompletely-patched flaw could also be exploited to gain admin privileges after publicly disclosing the newly-spotted bug in June. He also published a proof of concept (POC) for a related vulnerability in Windows 11.Analyst Comment: Check if your Windows 10 version is affected and if so, apply the appropriate free micropatches. Plan to patch your Windows 11 systems when security patches become available. As actors now have a POC for the Windows 11 privilege escalation vulnerability, it is important to harden your systems to avoid the initial access.MITRE ATT&CK: [MITRE ATT&CK] Exploitation for Privilege Escalation - T1068Tags: CVE-2021-24084, Vulnerability, ..
Support the originator by clicking the read the rest link below.
