Take heed, traveler, those that are marked by the Web are everywhere.

They can be friends, acquaintances, or even family. Stay vigilant.

https://en.wikipedia.org/wiki/Mark_of_the_Web

#markoftheweb

7-Zip: Mark-of-the-Web-Lücke wurde von Angreifern missbraucht | Security https://www.heise.de/news/7-Zip-Mark-of-the-Web-Luecke-wurde-von-Angreifern-missbraucht-10269973.html #MarkOfTheWeb #MotW #exploit #7zip #Patchday

Need to quickly get an overview on which files have been downloaded from the internet on macOS?

Use

mdfind "kMDItemWhereFroms=*" -attr "kMDItemWhereFroms"

to find the extended attributes to get a list of files, inlcuding the URL where the item was downloaded from.

Hint: Might not find all the files, especially if the attributes have been deleted.

#macos #incidentresponse #markoftheweb #apple

Bug Left Some Windows PCs Dangerously Unpatched

https://krebsonsecurity.com/2024/09/bug-left-some-windows-pcs-dangerously-unpatched/

#PatchTuesdaySeptember2024 #MicrosoftOffice #CVE-2024-38217 #CVE-2024-38226 #CVE-2024-43491 #ImmersiveLabs #markoftheweb #SatnamNarang #TimetoPatch #microsoft #KevBreen #Rapid7

Bug Left Some Windows PCs Dangerously Unpatched - Microsoft Corp. today released updates to fix at least 79 security vulnerabilities... https://krebsonsecurity.com/2024/09/bug-left-some-windows-pcs-dangerously-unpatched/ #patchtuesdayseptember2024 #microsoftoffice #cve-2024-38217 #cve-2024-38226 #cve-2024-43491 #immersivelabs #markoftheweb #satnamnarang #timetopatch #microsoft #kevbreen #rapid7

Six 0-Days Lead Microsoft’s August 2024 Patch Push - Microsoft today released updates to fix at least 90 security vulnerabilities in Wi... https://krebsonsecurity.com/2024/08/six-0-days-lead-microsofts-august-2024-patch-push/ #zerodayinitiative #microsoftproject #cve-2024-38106 #cve-2024-38107 #cve-2024-38178 #cve-2024-38189 #cve-2024-38193 #cve-2024-38213 #markoftheweb #timetopatch #windowsedge #kevbreen

Six 0-Days Lead Microsoft’s August 2024 Patch Push

https://krebsonsecurity.com/2024/08/six-0-days-lead-microsofts-august-2024-patch-push/

#ZeroDayInitiative #MicrosoftProject #CVE-2024-38106 #CVE-2024-38107 #CVE-2024-38178 #CVE-2024-38189 #CVE-2024-38193 #CVE-2024-38213 #markoftheweb #TimetoPatch #WindowsEdge #KevBreen

Another Zero Day Initiative security advisory, since RARLAB failed to include the CVE ID in their release notes: CVE-2024-30370 (4.3 medium, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. I'm not a betting man, but I can see threat actors utilizing this quickly based on historical abuse. 🔗 https://www.zerodayinitiative.com/advisories/ZDI-24-357/ and https://www.rarlab.com/rarnew.htm#27.%20Busgs%20fixed

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page.

The specific flaw exists within the archive extraction functionality. A crafted archive entry can cause the creation of an arbitrary file without the Mark-Of-The-Web. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user.

#CVE_2024_30370 #markoftheweb #WinRAR #vulnerability

TIL: Das Mark of the Web enhält unter Windows 10 sowohl den Referrer als auch die komplette Download-URL. 🤦🏻‍♂️ #windows #windows10 #security #markoftheweb

📬 Windows: Zero-Day-Lücke lässt QBot Dein System infiltrieren
#Hacking #Malware #MarkoftheWeb #PhishingMail #QBot #Signaturblock #SmartScreen #windows #ZeroDayLücke https://tarnkappe.info/artikel/malware/windows-zero-day-luecke-laesst-qbot-dein-system-infiltrieren-259367.html

📬 Windows: Zero-Day-Lücke lässt QBot Dein System infiltrieren
#Hacking #Malware #MarkoftheWeb #PhishingMail #QBot #Signaturblock #SmartScreen #windows #ZeroDayLücke https://tarnkappe.info/artikel/malware/windows-zero-day-luecke-laesst-qbot-dein-system-infiltrieren-259367.html