Cybersecurity

5618 readers

147 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago

MODERATORS

[email protected]

Void Banshee APT exploited "lingering Windows relic" in zero-day attacks (www.helpnetsecurity.com)

submitted 3 months ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

top 5 comments

sorted by: hot top controversial new old

[–] [email protected] 6 points 3 months ago (1 children)

“The threat actor leveraged CVE-2024-38112 to execute malicious code by abusing the MHTML protocol handler and x-usc directives through internet shortcut (URL) files. Using this technique, the threat actor was able to access and run files directly through the disabled Internet Explorer instance on Windows machines,” Trend Micro researchers noted.

Which Windows machines still have remnants of Internet Explorer on them? Do Windows 11 machines still include a disabled Internet Explorer or core components of Internet Explorer?

[–] [email protected] 5 points 3 months ago (1 children)

I'm gonna say yes. MS are as bad of packrats as anyone else, and every time we look there's some crusty old stuff in there.

[–] [email protected] 4 points 3 months ago (1 children)

Microsoft is up there in the ranks of ancient spaghetti coders.

[–] [email protected] 2 points 3 months ago

To be fair, they're kind of held hostage by users' long-held expectations of backwards compatibility, and they have made progress over the last few years. No doubt there's nasty stuff in there still, and recent revelations about the Solar Winds hack show Microsoft has a culture of prioritizing immediate profit over security.

[–] [email protected] 2 points 3 months ago

What in the world? That thumbnail looks almost identical to a windows logo I made in 3DS Max like 20 years ago. Trippy!