Hackers Abuse Unpatched Windows Security Flaws to Break Into a Company

A new security update indicates that hackers broke into at least one company using vulnerabilities found in Windows. According to cybersecurity firm Huntress, the vulnerabilities were published online by a security researcher over the past two weeks.

In a series of posts on X, the cybersecurity company said its researchers saw hackers taking advantage of three specific Windows security flaws that have been named BlueHammer, UnDefend, and RedSun. Of these, only the first-named bug has received a patch to date, with a fix being rolled out earlier this week.

The report said it was unclear as to who the specific target of the attack was or who the hackers were in this instance. Huntress believes that the attackers were exploiting the bugs by using the code that the security researcher, possibly a disgruntled one, had published online.

A researcher known as Chaotic Eclipse published a blog post earlier this month describing what they claimed was code to exploit an unpatched Windows vulnerability. They referred to some sort of conflict with Microsoft as the motivation behind publishing the code.

The post read: “I was not bluffing Microsoft and I’m doing it again. Huge thanks to MSRC leadership for making this possible.” This appeared to be a reference to Microsoft’s Security Response Centre, the special team within the company that regularly investigates cyberattacks and handles reports of vulnerabilities.

A few days later, the same blog site published UnDefend before adding RedSun to this list. The researcher or researchers also published the code to exploit these three vulnerabilities on their GitHub page. It has come to light that all three affect Microsoft’s Windows Defender and allow hackers to get high-level or administrator access to an affected computer.

Based on these inputs, Microsoft shared a statement that the company supports “coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community.”

National Cyber Security
