Browsing tag: Windows

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. “RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally,” Recorded Future told The Hacker News. […]

Researchers Warn of ‘Raspberry Robin’ Malware Spreading via External Drives

Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities that is propagated by means of removable USB devices. Attributing the malware to a cluster named “Raspberry Robin,” Red Canary researchers noted that the worm “leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.” The earliest signs of the […]

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users

A new cross-platform backdoor called “SysJoker” has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that’s believed to have been initiated during the second half of 2021. “SysJoker masquerades as a system update and generates its [command-and-control server] by decoding a string retrieved from a […]

9-year-old Windows flaw abused to drop ZLoader malware in 111 countries

The vulnerability was identified and fixed in 2013, but in 2014 Microsoft revised the fix, allowing Malsmoke hackers in 2022 to spread ZLoader malware. Israel-based cybersecurity firm Check Point Research has been assessing a sophisticated infection chain since Nov 2021. Researchers have now published their report, stating that a new ZLoader malware campaign is underway […]

Fake KMSPico Windows activator tool steals crypto wallet data

The malware, dubbed CryptBot, is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, and browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions provider Red Canary revealed in its recent blog post that a malicious KMSPico installer is carrying malware that can steal user information from cryptocurrency wallets, […]

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379, was patched by Microsoft, but according to a report from Cisco Talos, hackers already had created malware to exploit this privilege escalation flaw identified in the enterprise […]

New Wslink Malware Loader Runs as a Server and Executes Modules in Memory

Cybersecurity researchers on Wednesday took the wraps off a “simple yet remarkable” malware loader for malicious Windows binaries targeting Central Europe, North America and the Middle East. Codenamed “Wslink” by ESET, this previously undocumented malware stands apart from the rest in that it runs as a server and executes received modules in memory. There are […]

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The “distinct tradecraft” marks the first instance where a threat actor has been […]

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. “These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders,” […]

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that’s actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool — codenamed “Vermilion Strike” — marks one of the rare Linux ports, […]

Microsoft warns of credential phishing attack abusing open redirect links

So far, the ongoing phishing attack has utilized more than 350 unique domains to target Microsoft Office 365 users. Microsoft has warned about a new widespread phishing campaign in which scammers are abusing open redirect links to divert users to malicious websites and steal MS Office 365 credentials. In a detailed report, the IT security researchers […]

Razer software bug lets anyone gain admin rights on Windows PC

A cybersecurity researcher has discovered a vulnerability in Razer Synapse software that lets anyone possessing Razer peripherals obtain administration rights on a Windows PC. Razer Synapse is software that allows users to configure Windows hardware devices, set up macros and Chroma lighting effects, and map buttons. The company is a leading developer of gaming accessories including […]

Google shares details of unpatched Windows AppContainer vulnerability

Microsoft was informed about the vulnerability by Google, but the company claimed it to be a “non-issue” and that it “will not fix it.” On Thursday, Google Project Zero researcher James Forshaw shared details of a Windows AppContainer vulnerability after Microsoft backtracked on its previous stance of not fixing the flaw and announced it would address […]

Microsoft issues emergency patch to fix PrintNightmare vulnerability

Microsoft is urging customers to “install these updates immediately.” Last week, the IT security researchers at Sangfor revealed a critical 0-day vulnerability affecting the Windows Print Spooler service, which helps PCs manage the flow of print jobs being sent to a printer or print server. Dubbed PrintNightmare (CVE-2021-1675) by researchers, the vulnerability was acknowledged by Microsoft; however […]

Microsoft warns of PetitPotam attack taking over Windows domains

Experts reveal that the PetitPotam attack forces remote Windows servers such as Domain Controllers to validate a malicious destination. Microsoft has released an advisory on the newly identified Windows security flaw that allows attackers to take complete control of a Windows domain. Experts revealed that the vulnerability, dubbed PetitPotam, forces remote Windows servers such as […]

Windows Defender update caught removing zip, exe, source code files

Reportedly, the Windows Defender daily update flagged a copy of the DeCSS DVD encryption software as a Trojan and quarantined it, then deleted it after a 60-second interval. The impact of the Windows Defender update on DeCSS software data has enraged Windows 10 users by messing with specific stored files. For your information, DeCSS is a free computer system […]

Blue Screen of Death will be Black Screen of Death in Windows 11

Microsoft’s Blue Screen of Death has been revamped for Windows 11. We thought that the Start menu was the only element in Microsoft’s Windows operating system that would receive an overhaul in Windows 11. However, it is being reported that the new OS will feature a Black Screen of Death instead of the customary blue screen of […]

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is […]

Windows 10 is about to get a Big Sun Valley update

The upcoming Windows 10 Sun Valley update has been in discussion for a while now. According to insiders, this will be one of the largest updates to the system, through which Microsoft hopes to “refresh the desktop PCs” and bring its OS back into the spotlight. Here’s what is currently known about this update. UI […]