24 May 2021

This massive phishing campaign delivers password-stealing malware disguised as ransomware

Cybersecurity researchers at Microsoft have identified a massive phishing campaign that is distributing trojan malware to create a backdoor into Windows systems, stealing usernames, passwords, and other sensitive information from victims. The phishing messages deliver the latest version of the Java-based STRRAT malware. The email campaign consists of utilizing compromised

04 May 2021

Patch issued to tackle critical security issues present in Dell driver software since 2009

On Tuesday, SentinelLabs reported that a researcher on their team had discovered 5 serious vulnerabilities in Dell’s DBUtil BIOS driver. This technology is used in Dell’s desktop and laptop PCs, notebooks, and tablet products, therefore affecting a wide range of Dell’s offerings. The team reported that the flaws have existed

10 Feb 2021

Android Devices Hunted by LodaRAT Windows Malware

The LodaRAT has been found targeting Android devices in a new campaign. The malware has historically targeted Windows devices; however, it is now being distributed in an ongoing campaign that seeks to spy on victims. The LodaRAT has also been updated, with the more aggressive version spotted by researchers in a

28 Dec 2020

Windows Zero-Day Still Circulating After Faulty Fix

A high-severity Windows zero-day allows an attacker to install programs and access admin privileges such as viewing, changing, and deleting data. It can lead to a complete desktop takeover and is located in the Print Spooler API. However, the critical flaw remains dangerous after Microsoft failed to effectively patch the

04 Nov 2020

Games in Microsoft Store Can Be Abused for Privilege Escalation on Windows

A new flaw in Windows can allow malicious actors to escalate privileges to SYSTEM on Windows 10 by way of access through the Microsoft Store. Researchers at IOActive uncovered the threat, which was patched in October as part of Microsoft’s monthly Patch Tuesday. The flaw is known

21 Sep 2020

Agencies Must Patch Zerologon Bug by Monday says US CISA

Earlier this week, the US Department of Homeland Security issued an emergency directive that calls for all civilian government agencies to patch a Windows vulnerability that has been categorized as high-risk. The bug, CVE-2020-1472, is a new form of a privilege bug that occurs when an attacker uses the Netlogon

16 Sep 2020

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw

Security researchers and US government authorities have been alerting the public to a critical privilege escalation flaw in Microsoft services, urging admins to address the pressing security issue. Proof-of-concept exploit code has recently been released for a Windows flaw that could allow attackers to obtain administrative privileges within a

05 Aug 2020

FBI issues warning over Windows 7 end-of-life

On Monday, the FBI sent a private industry notification to US private sector partners warning about Windows 7 computers reaching their end-of-life. According to the warning, the operating system fulfilled its shelf life earlier this year. The FBI stated that they had observed threat actors targeting computer network infrastructure after

31 Jul 2020

Billions of Devices Impacted by Secure Boot Bypass

New research shows that billions of Windows and Linux devices are vulnerable to cyberattacks originating from a bug in the GRUB2 bootloader, which security experts have named the “BootHole” bug. The exploitation of the bug could lead to malware infection, information theft, and allow attackers to move laterally into corporate,

01 Jul 2020

Emergency Windows 10 Update: Critical ‘Large Image’ Security Flaw Confirmed

Microsoft has issued an emergency patch for a serious vulnerability affecting Windows 10. Microsoft chose not to wait for Patch Tuesday, as the vulnerability could lead to the compromise of Windows 10 devices or Windows Server System. Another vulnerability was also patched in the emergency out-of-band update, ranked as
