Attackers bypass Microsoft security patch to drop Formbook malware

The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings…

Intruders leverage Log4j flaw to breach Belgian Defense Department

Written by Tonya Riley Dec 20, 2021 | CYBERSCOOP Parts of the Belgian Defense Ministry's computer networks have been down since Thursday after a cyber incident in which attackers exploited…

Microsoft disrupts activity of Chinese hackers by seizing 42 websites

Dubbed Nickel by Microsoft, the group of Chinese hackers was actively using the now-seized websites for intelligence gathering from think tanks, human rights organizations, and government agencies. The Microsoft…

Court hands Microsoft control of websites linked to spying by Chinese hackers

Written by Tim Starks Dec 6, 2021 | CYBERSCOOP Microsoft obtained a court order to seize websites from a Chinese government-linked espionage group that was using the sites to attack…

Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

The malware, dubbed CrypBot, is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, and browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions…

Unpatched Microsoft Exchange Servers abused in new phishing campaign

The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, which made them appear legitimate. According to the IT security…

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379,…

Iranian government-backed hackers target critical infrastructure with ransomware, US says

Written by Tim Starks Nov 17, 2021 | CYBERSCOOP U.S., U.K. and Australian cyber agencies on Wednesday accused Iranian government-sponsored hacking groups of exploiting Microsoft and Fortinet vulnerabilities this year…

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained…

10 Tips To Boost Microsoft Defender AV Security

Microsoft Defender Antivirus (MDAV), known as Windows Defender Antivirus before the Windows 10 May 2020 update, is an anti-malware component of Microsoft Windows. MDAV continually scans for malware, viruses, and…