Tech · TechCrunch
Hackers are abusing unpatched Windows security flaws to hack into organizations
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm.
Key facts
- Meet your next investor or portfolio startup at Disrupt Meet your next investor or portfolio startup at Disrupt Days later, Chaotic Eclipse published UnDefend, and then earlier this week published
- All three vulnerabilities affect the Microsoft-made antivirus Windows Defender, allowing a hacker to gain high-level or administrator access to an affected Windows computer
- Huge thanks to MSRC leadership for making this possible,” they added, referring to Microsoft’s Security Response Center, the company’s team that investigates cyberattacks and handles reports
- It’s unclear who the target of this attack is, and who the hackers
Summary
It’s unclear who the target of this attack is, and who the hackers are. It appears that the hackers are exploiting the bugs by using exploit code that the security researcher published online. Earlier this month, a researcher who goes by Chaotic Eclipse published on their blog what they said was code to exploit an unpatched vulnerability in Windows.