Daffodil International University
Faculty of Science and Information Technology => Recent Technologies and Trends in Software Engineering => Software Engineering => Cyber and Software Security => Topic started by: maruf.swe on March 29, 2019, 01:57:32 AM
-
(https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/21152821/54.jpeg)
Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.
A newly-patched Microsoft Win32k vulnerability is being exploited in the wild by at least two threat actors, including a recently discovered advanced persistent threat (APT) group dubbed SandCat.
The exploited vulnerability (CVE-2019-0797), rated important, was patched on Tuesday as part of Microsoft’s regularly scheduled March security update. But Kaspersky Lab researchers said that the vulnerability is already being used by two APTs, SandCat and FruityArmor, to run arbitrary code on target systems.
SandCat is an APT that was discovered only recently, researchers Vasiliy Berdnikov and Boris Larin said in a Wednesday deep dive analysis of the vulnerability and its exploits.
For More Details : https://threatpost.com/sandcat-fruityarmor-exploiting-microsoft-win32k/142751/ (https://threatpost.com/sandcat-fruityarmor-exploiting-microsoft-win32k/142751/)