Fake windows update serves a fake Windows Media Player with a side of cryptominer

Fake windows update serves a fake Windows Media Player with a side of cryptominer

This week, the SonicWall Capture Labs Threat Research Team came across another cryptominer that pretends to be a media player and even loads a wav file to hide its real intent. Infection... Read more »
Citrix NetScaler ADC/Gateway Directory Traversal Vulnerability

Citrix NetScaler ADC/Gateway Directory Traversal Vulnerability

A Directory Traversal vulnerability exists in Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and Citrix Gateway,formerly known as NetScaler Gateway (CVE-2019-19781). This vulnerability is being exploited in the wild.... Read more »
Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

NSA has discovered a critical vulnerability affecting Microsoft Windows cryptographic functionality. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Windows 10... Read more »
Microsoft Patch Tuesday

Microsoft Security Bulletin Coverage for Jan 2020

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of January 2020. A list of issues reported, along with SonicWall coverage information are as follows:... Read more »