Lunch Time Nibbles - 2022-10-26

Welcome to another Lunch Time breakout:

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows. Tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), the vulnerabilities could enable local authenticated attackers to perform DLL hijacking and copy arbitrary files to system directories with elevated privileges.
Read more....

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector
A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat cluster under the moniker DEV-0832, said the group avoids deploying ransomware in some cases and rather likely carries out extortion using
Read more....

Microsoft fixes Windows vulnerable driver blocklist sync issue
Microsoft says it addressed an issue preventing its vulnerable driver blocklist from being synced to systems running older Windows versions. [...]
Read more....