New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
Dec 11, 2024Ravie LakshmananMalware / Endpoint Security A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA)...
Read more →Category: TheHackerNews
ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
Dec 11, 2024Ravie LakshmananRansomware / Malware Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a...
Read more →
Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
Dec 11, 2024Ravie LakshmananVulnerability / Authentication Cybersecurity researchers have flagged a “critical” security vulnerability in Microsoft’s multi-factor authentication (MFA) implementation...
Read more →
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
Dec 11, 2024Ravie LakshmananCyber Espionage / Cyber Attack A suspected China-based threat actor has been linked to a series of...
Read more →
Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
Cybersecurity researchers have discovered a novel surveillance program that’s suspected to be used by Chinese police departments as a lawful...
Read more →
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its...
Read more →
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
Dec 11, 2024Ravie LakshmananVulnerability / Data Breach The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly...
Read more →
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud...
Read more →
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Dec 10, 2024Ravie LakshmananVulnerability / Threat Analysis Users of Cleo-managed file transfer software are being urged to ensure that their...
Read more →
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Dec 10, 2024Ravie LakshmananMobile Security / Cryptocurrency Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign...
Read more →
Automated Internal and External Pentesting
Dec 10, 2024The Hacker NewsVulnerability / Perimeter Security In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is...
Read more →
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
Dec 10, 2024Ravie LakshmananCyber Espionage / Hacking News A suspected China-nexus cyber espionage group has been attributed to an attacks...
Read more →