Top Vulnerabilities Reported in the Last 24 HoursUpdates for Microsoft combo exploit
Microsoft has released new updates for a combo exploit campaign. The malicious campaign exploited the vulnerabilities of CVE-2017-0199 and CVE-2012-0158. The hackers apparently used the combo to drop the Lokibot banking Trojan.Hackers encrypt phishing page with AES
Cybercriminals are sending malicious files camouflaged as an Apple invoice. The attackers have launched a phishing page encrypted with AES and the malicious files sent to the victims lead them to it. The encrypted page asks for users’ Apple credentials, once the victims enter them their personal and financial data would be compromised.Patch released for Windows WSearch Service Vulnerability
Microsoft’s Windows operating system has been plagued with a search vulnerability. This flaw leverages the SMB vulnerability jeopardizing several machines hosting Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2 and more. Users should disable WSearch temporarily to mitigate the risk.