Windows Subsystem for Linux

Plenty of malicious samples have been created for the Home windows Subsystem for Linux (WSL) with the aim of compromising Home windows machines, highlighting a sneaky technique that permits the operators to remain underneath the radar and thwart detection by widespread anti-malware engines. The “distinct tradecraft” marks the primary occasion the place a risk actor […]

Microsoft on Wednesday disclosed particulars of a concentrating on phishing marketing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform utilizing specially-crafted Workplace paperwork to deploy Cobalt Strike Beacon on compromised Home windows programs. “These assaults used the vulnerability, tracked as CVE-2021-40444, as a part of an preliminary entry marketing campaign that distributed […]

HP OMEN Gaming Hub

Cybersecurity researchers on Tuesday disclosed particulars a few high-severity flaw within the HP OMEN driver software program that impacts hundreds of thousands of gaming computer systems worldwide, leaving them open to an array of assaults. Tracked as CVE-2021-3437 (CVSS rating: 7.8), the vulnerabilities might enable risk actors to escalate privileges to kernel mode with out […]

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Web Explorer that is getting used to hijack susceptible Home windows programs by leveraging weaponized Workplace paperwork. Tracked as CVE-2021-40444 (CVSS rating: 8.8), the distant code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Web Explorer and […]

Ransomware operators reminiscent of Magniber and Vice Society are actively exploiting vulnerabilities in Home windows Print Spooler to compromise victims and unfold laterally throughout a sufferer’s community to deploy file-encrypting payloads on focused programs. “A number of, distinct risk actors view this vulnerability as engaging to make use of throughout their assaults and will point […]

SeriousSAM Vulnerability

Microsoft Home windows 10 and Home windows 11 customers are prone to a brand new unpatched vulnerability that was lately disclosed publicly. As we reported final week, the vulnerability — SeriousSAM — permits attackers with low-level permissions to entry Home windows system recordsdata to carry out a Go-the-Hash (and probably Silver Ticket) assault. Attackers can […]