Security News

Update Microsoft Windows Systems to Patch 99 New Security Flaws
2020-02-11 18:00

A few hours after Adobe today released security updates for five of its widely distributed software products, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.

Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks
2020-02-11 02:00

A kernel-level Windows driver for old PC motherboards has been abused by criminals to silently disable antivirus protections, and hold files to ransom. When the ransomware infects a computer - either by some other exploit or by tricking a victim into running it - and loads the driver, the operating system and antivirus packages will allow it because the driver appears legit.

Game over, LAN, game over! Windows software nasty Emotet spotted spreading via brute-forced Wi-Fi networks
2020-02-10 23:06

A new variant of the notorious Emotet Windows malware is able to spread wirelessly by brute-forcing Wi-Fi network passwords and scanning for shared drives to infect. "Previously thought to only spread through malspam and infected networks, Emotet can use this loader-type to spread through nearby wireless networks if the networks use insecure passwords."

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver
2020-02-10 21:07

Specifically, they're updating the Windows kernel in-memory with the Gigabyte driver, according to the research - and the kernel accepts it as a "Patch" thanks to the signed certificate. Once that's loaded, they can then exploit that driver using the known vulnerability in order to load their own, unsigned, malicious driver.

TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
2020-02-03 12:15

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers on the Morphisec Labs team said they discovered code last March that uses the Windows 10 WSReset UAC Bypass to circumvent user account control and deliver malware in recent samples of TrickBot, according to a report released last week.

Most AV vendors will continue to support their products under Windows 7
2020-01-29 10:45

They can still upgrade from Windows 7 to Windows 10 for free, but those who continue to use Windows 7 now that support has ended are simply more vulnerable to security risks. In addition to that, the good news is that some browser and many AV manufacturers will continue to offer Windows 7 support.

PoC Exploits Created for Recently Patched 'BlueGate' Windows Server Flaws
2020-01-27 12:49

Proof-of-concept exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution. Remote Desktop Gateway is a Windows Server component previously known as Terminal Services Gateway.

You can upgrade Windows 7 for free! Why wouldn’t you?
2020-01-27 05:30

Businesses continuing to run Windows 7 should tread carefully and keep Windows 7 at their peril. Compatibility should not be a big issue as Windows 10 can run on most systems that supported Windows 7.

New Ransomware Process Leverages Native Windows Features
2020-01-21 15:03

A potential ransomware process using EFS was discovered by researchers at SafeBreach. This approach entirely uses Windows features - and can consequently be defined as a form of 'living off the land' - although the primary difference with traditional ransomware is that this process uses different Windows features that are less likely to be monitored.