TECH NEWS

New Windows Zero-Day Exploit ‘RoguePlanet’ Released

A security researcher has released another zero-day exploit targeting Microsoft’s Windows operating system, shortly after Redmond rolled out its Patch Tuesday updates.

Dubbed RoguePlanet, the proof-of-concept (PoC) exploit was released by Nightmare Eclipse (also known as Chaotic Eclipse), who dropped several zero-days in Microsoft products over the past couple of months.

The fresh zero-day exploit leads to local privilege escalation (LPE) by exploiting a race condition issue in Microsoft Defender, Nightmare Eclipse says.

According to the researcher, the exploit initially led to remote code execution (RCE) by tricking a victim into opening a .vhd(x) file on a remote SMB server or into opening the SMB share.

The exploit could also lead to BitLocker bypass using a specialized device designed to push data to NTFS.sys. Once Defender reads the malicious file, the exploit would redirect the cleaned file to a new location.

Mitigations rolled out by Microsoft in May,...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://www.securityweek.com/wp-content/uploads/2023/01/Cybersecurity_News-SecurityWeek.jpg

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement agencies in four countries, working with Europol and private partners, have disrupted SocGholish infrastructure and cleaned up nearly 15,000 infected WordPress websites. Active since 2017 and also known as FakeUpdates, SocGholish is a malware framework injected into websites running popular content management systems, such as WordPress, Joomla,

not set

© 2009-2025 Independent News Service. All rights reserved. * Site Map * Legal disclaimer * Privacy Policy * CSR Policy * RIO * RSS Copyright of this story solely belongs to indiatvnews.com. To see the full text click HERE

https://image.theregister.com/240961.jpg?imageId=240961&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Users claimed they’d never seen a spell checker and panicked at the sight of red squiggles

Personal tech Techie couldn’t help but be a little blunt when the support call came in – but has no regrets! ON CALL Welcome to another edition of On Call, The Register’s reader-contributed Friday column in which you share your stories of troublesome tech support incidents. This week, meet

https://cdn.mos.cms.futurecdn.net/txXZ8gzz5JKNnRLQotqvz9-1920-80.jpg

I put the Mac mini-sized Kensington SD5010T5 EQ to the test and discovered a fully featured Thunderbolt 5 docking station that doesn’t take up much desk space

Its dual native HDMI ports alongside downstream Thunderbolt 5 architecture eliminate messy legacy adapter chains, making it an elite choice for multi-display setups. However, its immense bandwidth capacity remains heavily bottlenecked by a market still playing catch-up on compatible host devices. Pros * +Massive 140W host charging over a single cable

Read more

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

not set

Users claimed they’d never seen a spell checker and panicked at the sight of red squiggles

I put the Mac mini-sized Kensington SD5010T5 EQ to the test and discovered a fully featured Thunderbolt 5 docking station that doesn’t take up much desk space