privilege escalation Archives - Arab Security Consultants

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Monday, 28 October 2024 by Ayman Hamam

A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach

Published in News

Tagged under: ASC, Code Integrity, CVE-2024-21302, CVE-2024-38202, cyberSecurity, CYbersecurityCOnsultant, Driver Signature Enforcement, DSE Bypass, Kernel-Level Attack, Microsoft, OS Downgrade, Patch Tuesday, privilege escalation, Rootkit, UEFI Lock, VBS, Windows Security, Windows Update

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

Tuesday, 15 October 2024 by Ayman Hamam

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities like

Published in News

Tagged under: APT34, credentials theft, CVE-2024-30088, Cyber espionage, cyberattack, Earth Simnavaz, Gulf region, Malware, Microsoft Exchange, OilRig, privilege escalation, psgfilter.dll, STEALHOOK, U.A.E., vulnerability exploitation, Windows Kernel

Tag: privilege escalation

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf