FIN7 Hackers Using Windows 11 Themed Documents to Drop JavaScript Backdoor

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken place between late June and late July 2021, have been attributed with […]

DLL side-loading Attack Takes Advantage of Windows Search Order to Inject Malicious DLL

Dynamic-link library (DLL) side-loading is an increasingly popular cyberattack method that takes advantage of how Microsoft Windows applications locate and load DLL files. In such attacks, malware places a spoofed malicious DLL file in a Windows WinSxS directory so that the operating system loads it instead of the legitimate file. What is a DLL side-loading attack? Generally in […]
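As an added example that is not part of the article above, the following PowerShell script audits the search-order variant named in the headline: DLLs sitting in an application's own directory are loaded ahead of the copies in System32, so a planted DLL with a system library's name gets control. For each DLL next to the application it reports the Authenticode signature status, whether a same-named DLL exists in System32, and whether the two differ. The `$AppDir` path is a placeholder.

```powershell
# Added example (not from the article): audit an application directory for DLLs
# that sit ahead of System32 in the search order and could be side-loaded plants.
param(
    # Placeholder path: point this at the install directory of the application to audit.
    [string]$AppDir = "C:\Program Files\ExampleApp"
)

$system32 = Join-Path $env:WINDIR 'System32'

$results = Get-ChildItem -Path $AppDir -Filter *.dll -File -ErrorAction Stop | ForEach-Object {
    $dll = $_
    $sig = Get-AuthenticodeSignature -FilePath $dll.FullName
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    $localHash = (Get-FileHash -Path $dll.FullName -Algorithm SHA256).Hash

    # A same-named DLL in System32 means the copy next to the EXE is the one that
    # gets loaded. A bundled Microsoft runtime may differ only by version; a planted
    # DLL differs in content and usually fails signature validation.
    $sysCopy = Join-Path $system32 $dll.Name
    $shadows = Test-Path -Path $sysCopy
    $differs = $false
    if ($shadows) {
        $differs = (Get-FileHash -Path $sysCopy -Algorithm SHA256).Hash -ne $localHash
    }

    [pscustomobject]@{
        Dll                 = $dll.Name
        SignatureStatus     = $sig.Status      # Valid, NotSigned, HashMismatch, ...
        Signer              = $signer
        ShadowsSystem32     = $shadows
        DiffersFromSystem32 = $differs
        # The pattern a side-loaded DLL usually shows: not validly signed, and
        # shadowing a system library under the same name with different contents.
        Suspicious          = ($sig.Status -ne 'Valid') -and $shadows -and $differs
    }
}

$results | Sort-Object -Property Suspicious -Descending | Format-Table -AutoSize
```

A `Suspicious = True` row is a lead, not a verdict: some vendors ship unsigned copies of runtime libraries, so confirm by checking the file's version resource and hash against a known-good installer before treating it as a plant.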

Google publishes zero-day vulnerability in Windows firewall and AppContainer affecting every version. Patch not available

Project Zero, Google’s security research team, published research detailing its analysis of the Windows firewall and AppContainer, Microsoft’s runtime environment that restricts what applications can do so that an untrusted or compromised application is contained. In its report, Project Zero points to the detection of a severe vulnerability in AppContainer that Microsoft had chosen not to address, […]

Ficker – New InfoStealer Malware Spread Via Russian Underground Forum to Attack Windows

Researchers uncovered a new info-stealer malware, “Ficker”, which threat actors distribute via a Russian underground forum under a Malware-as-a-Service (MaaS) model to attack Windows users. A threat actor with the alias @ficker has frequently been active on the same forum in threads related to malware distribution. Ficker info stealer is written […]

Microsoft Reported Another Windows Print Spooler RCE Zero-day Bug

Microsoft has reported another zero-day vulnerability in the Windows Print Spooler service. According to Microsoft, a threat actor who successfully exploits this vulnerability could run arbitrary code with SYSTEM privileges. Microsoft recently patched a separate remote code execution vulnerability in Windows Print Spooler. The flaw allows a […]

Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it’s working to remediate the issue in an upcoming security update. Tracked as CVE-2021-36958 (CVSS score: 7.3), the unpatched flaw is the latest to join a list of bugs collectively known as […]

Zero-day remote code execution vulnerability in Windows 10 3D Viewer. No patch available, so don’t open untrusted files in Microsoft 3D Viewer

Cybersecurity specialists report the discovery of a dangerous vulnerability in Microsoft 3D Viewer, a 3D object visualization and augmented reality tool first shipped with Windows 10 version 1703. According to the report, successful exploitation of this flaw would allow threat actors to execute arbitrary code on affected systems. The vulnerability requires user interaction to be […]

Vulnerability lets attackers coerce Windows servers into authenticating remotely and take over Windows domains

French cybersecurity specialist Gilles Lionel reported the discovery of a serious vulnerability in the Windows operating system that would allow threat actors to force remote Windows servers to authenticate to an attacker-controlled host, exposing NTLM authentication material that can be relayed to obtain authentication certificates. The flaw was dubbed “PetitPotam” and already has a proof of concept (PoC) whose code is […]

How to Mitigate Microsoft Windows 10, 11 SeriousSAM Vulnerability

Microsoft Windows 10 and Windows 11 users are at risk from a new, unpatched vulnerability that was recently disclosed publicly. As we reported last week, the vulnerability, SeriousSAM, allows attackers with low-level permissions to read Windows system files (the registry hives) and use their contents for a Pass-the-Hash (and potentially Silver Ticket) attack. Attackers can exploit this vulnerability to […]

Microsoft Warns of LemonDuck Malware Targeting Windows and Linux Systems

An infamous cross-platform crypto-mining malware has continued to refine and improve upon its techniques to strike both Windows and Linux operating systems by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns. “LemonDuck, an actively updated and robust malware that’s primarily […]

Beware!! Fake Windows 11 Installer Drops Malware on Your Computer

Earlier this year Microsoft announced Windows 11, but it has not yet published the new operating system publicly. A few weeks ago, however, a Windows 11 build was unofficially leaked before Microsoft released it to Windows Insiders. In short, the announcement of Microsoft’s new OS has created considerable hype on the internet. And […]

XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems

A popular malware known for stealing sensitive information from Windows machines has evolved into a new strain capable of also targeting Apple’s macOS operating system. The upgraded malware, dubbed “XLoader,” is a successor to another well-known Windows-based info stealer called Formbook that’s known to vacuum credentials from various web browsers, capture screenshots, record keystrokes, and […]

New Windows and Linux Flaws Give Attackers Highest System Privileges

Microsoft’s Windows 10 and the upcoming Windows 11 have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions to access Windows system files, in turn enabling them to recover the hashed passwords of local accounts and even decrypt private keys. The vulnerability has been nicknamed “SeriousSAM.” “Starting with Windows […]
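The SeriousSAM items above (the mitigation how-to and the disclosure summary) both come down to one misconfiguration: the SAM, SECURITY and SYSTEM hive files under `System32\config` grant BUILTIN\Users read access, and a low-privileged user can read them from a Volume Shadow Copy because the live files are locked. As an added example, not code from either article, the following PowerShell script checks both conditions and, with `-Remediate`, applies the workaround Microsoft published for CVE-2021-36934: restore ACL inheritance on the hive files and delete existing shadow copies. Run it from an elevated prompt.

```powershell
# Added example (not from the articles): detect and remediate the SeriousSAM /
# HiveNightmare hive-file ACL weakness (CVE-2021-36934). Requires elevation.
param(
    # Apply Microsoft's published workaround instead of only reporting.
    [switch]$Remediate
)

$hives = @('SAM', 'SECURITY', 'SYSTEM') | ForEach-Object {
    Join-Path $env:WINDIR "System32\config\$_"
}

function Test-HiveReadableByUsers {
    param([string]$Path)
    # Vulnerable state: an Allow ACE for BUILTIN\Users that includes ReadData
    # (the affected builds granted Read & Execute, 0x1200A9, to Users).
    $acl = Get-Acl -Path $Path
    $hit = $acl.Access | Where-Object {
        $_.IdentityReference.Value -eq 'BUILTIN\Users' -and
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights -band 1) -ne 0)     # bit 1 = FILE_READ_DATA
    }
    return [bool]$hit
}

function Get-ShadowCopyCount {
    # The live hives are locked by the kernel, so an attacker reads them out of a
    # shadow copy. With no shadow copies present the weak ACL is not exploitable
    # at this moment, but it becomes exploitable as soon as one is created.
    @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction SilentlyContinue).Count
}

function Invoke-SeriousSamWorkaround {
    # Microsoft's workaround: re-enable inheritance so the hive files take the
    # restrictive ACL of the config\ directory, then delete shadow copies that
    # still hold copies of the hives with the permissive ACL.
    & icacls "$env:WINDIR\System32\config\*.*" /inheritance:e | Out-Null
    & vssadmin delete shadows "/for=$($env:SystemDrive)" /Quiet | Out-Null
}

$report = foreach ($hive in $hives) {
    [pscustomobject]@{
        Hive         = Split-Path -Path $hive -Leaf
        UsersCanRead = Test-HiveReadableByUsers -Path $hive
    }
}
$report | Format-Table -AutoSize

$shadowCount = Get-ShadowCopyCount
Write-Host "Shadow copies present: $shadowCount"

if ($report.UsersCanRead -contains $true) {
    Write-Warning ("Hive files are readable by BUILTIN\Users (SeriousSAM). " +
                   "Exploitable right now: $($shadowCount -gt 0)")
    if ($Remediate) {
        Invoke-SeriousSamWorkaround
        Write-Host "Workaround applied; re-run without -Remediate to confirm."
    }
}
```

Deleting the shadow copies also deletes System Restore points, which is why the workaround is a stopgap: the permanent fix is the Microsoft security update for CVE-2021-36934, after which the ACL check above should report `UsersCanRead = False` for all three hives.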

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed “MosaicLoader” that singles out individuals searching for cracked software as part of a global campaign. “The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service,” Bitdefender […]

Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability

Microsoft on Thursday shared fresh guidance on yet another vulnerability affecting the Windows Print Spooler service, stating that it’s working to address it in an upcoming security update. Tracked as CVE-2021-34481 (CVSS score: 7.8), the issue concerns a local privilege escalation flaw that could be abused to perform unauthorized actions on the system. The company […]
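The three Print Spooler items on this page (the new RCE zero-day, CVE-2021-36958, and CVE-2021-34481) share the same interim guidance from Microsoft while patches are pending: stop and disable the Spooler service where printing is not needed, and otherwise restrict Point and Print so that only administrators can install printer drivers. The following PowerShell script, added here as an example and not taken from any of the articles, reports the host's current exposure and applies either workaround on request. The registry path and value names are Microsoft's published Point and Print policy settings; run the script elevated.

```powershell
# Added example (not from the articles): assess Print Spooler exposure and apply
# Microsoft's PrintNightmare-era workarounds. Requires elevation.
param(
    # Workaround 1: stop and disable the Spooler service (host can no longer print).
    [switch]$DisableSpooler,
    # Workaround 2: require administrator rights for Point and Print driver installs.
    [switch]$RestrictDriverInstall
)

$pnpKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'

function Get-SpoolerExposure {
    $svc = Get-Service -Name Spooler
    $pnp = if (Test-Path -Path $pnpKey) { Get-ItemProperty -Path $pnpKey } else { $null }
    [pscustomobject]@{
        SpoolerStatus    = $svc.Status
        SpoolerStartType = $svc.StartType
        # 1 = only administrators may install printer drivers (hardened).
        RestrictDriverInstallationToAdministrators = $pnp.RestrictDriverInstallationToAdministrators
        # Non-zero values suppress the elevation prompts for Point and Print (risky);
        # 0 or absent is the safe setting.
        NoWarningNoElevationOnInstall = $pnp.NoWarningNoElevationOnInstall
        UpdatePromptSettings          = $pnp.UpdatePromptSettings
        # Shared printers are what expose the Spooler's RPC interface to remote callers.
        SharedPrinters = @(Get-Printer -ErrorAction SilentlyContinue | Where-Object Shared).Count
    }
}

function Disable-PrintSpooler {
    # Stops the service and prevents it from starting at boot. Side effect: no
    # local or remote printing from this host until re-enabled.
    Stop-Service -Name Spooler -Force
    Set-Service -Name Spooler -StartupType Disabled
}

function Set-PointAndPrintHardening {
    # Creates the policy key if missing, then sets the hardened values.
    New-Item -Path $pnpKey -Force | Out-Null
    Set-ItemProperty -Path $pnpKey -Name RestrictDriverInstallationToAdministrators -Value 1 -Type DWord
    Set-ItemProperty -Path $pnpKey -Name NoWarningNoElevationOnInstall -Value 0 -Type DWord
    Set-ItemProperty -Path $pnpKey -Name UpdatePromptSettings -Value 0 -Type DWord
}

Get-SpoolerExposure | Format-List

if ($DisableSpooler)        { Disable-PrintSpooler }
if ($RestrictDriverInstall) { Set-PointAndPrintHardening }
```

On print servers, disabling the Spooler is not an option, so the second workaround plus the vendor patch is the realistic path; on domain controllers and workstations that never print, disabling the service removes the attack surface entirely, and the report above shows at a glance which hosts still have it running with permissive Point and Print settings.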