SynAck
Ransomware


The Process Doppelgänging attack takes advantage of a built-in Windows function, NTFS Transactions, and an outdated implementation of the Windows process loader. It works on all modern versions of Microsoft Windows, including Windows 10.

The attack uses NTFS transactions to launch a malicious process by replacing the memory of a legitimate process, tricking process monitoring tools and antivirus into believing that the legitimate process is running.

Source: The Hacker News

How do you protect yourself?

Proper security measures must be in place to defend against SynAck and similar threats. Up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

 

CVE-2018-0861


Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka “Scripting Engine Memory Corruption Vulnerability”.

 

Source: Security Tracker

 

How do you protect yourself?

Ensure all of your software is up to date and that you have proper firewall and endpoint systems set up within your network.

 

CVE-2018-4160


Multiple vulnerabilities were reported in Apple macOS/OS X. A remote user can obtain potentially sensitive information. A remote user can bypass security restrictions. A local user can gain elevated privileges. A local user can obtain passwords on the target system.

Source: Security Tracker

How do you protect yourself?

Ensure all of your software is up to date and that you have proper firewall and endpoint systems set up within your network.