Security News
The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers at Morphisec Labs team said they discovered code last March that uses the Windows 10 WSReset UAC Bypass to circumvent user account control and deliver malware in recent samples of TrickBot, according to a report released last week.
Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks. Targeted attacks are manual, creative, and elusive, making them one of the most difficult aspects of security and risk management.
Researchers have discovered password bypass vulnerabilities affecting two WordPress plugins from a publisher called Revmakx. The first vulnerable plugin is RevMakx's InfiniteWP Client, a tool that allows admins to manage multiple WordPress sites from the same interface.
Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims' files to avoid antivirus...
One of the internet's most popular free operating systems allowed attackers to bypass its authentication controls.
OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type...
The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.
This time, José Rodríguez came up with a way to trick the iOS 13 beta into showing its address book without the need to unlock the screen.
Apple will not fix the glitch until the release of iOS 13.1 later in September.
Good news... next week, on September 19, Apple will roll out iOS 13, the latest version of its mobile operating system. Yes, we're excited about, but here comes the bad news... iOS 13 contains a...