Microsoft Urges Immediate Updates to Combat New Security Threats
TL;DR Summary
A newly patched NTLM vulnerability, CVE-2024-43451, was exploited by suspected Russian hackers to target Ukraine through phishing emails. The flaw, which allows NTLMv2 hash theft, was used to deliver Spark RAT malware via a compromised Ukrainian government server. The attack involved phishing emails prompting users to download malicious URL files, leading to further payload downloads. CERT-UA linked the activity to Russian threat actor UAC-0194, while also warning of financially motivated attacks using LiteManager software.
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails The Hacker News
- Windows Users Must Update Now As Microsoft Confirms 4 New Zero-Days Forbes
- Microsoft Patch Tuesday, November 2024 Edition Krebs on Security
- Windows 10 KB5046613 update released with fixes for printer bugs BleepingComputer
- Microsoft's November Patch Tuesday squashes several bugs in Windows 11 24H2 ZDNet
Reading Insights
Total Reads
0
Unique Readers
1
Time Saved
2 min
vs 3 min read
Condensed
83%
436 → 74 words
Want the full story? Read the original article
Read on The Hacker News