Windows 10 Drive-By RCE Triggered by Default URI Handler

There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. Researchers have discovered a drive-by remote code-execution (RCE) bug…

Fake Adobe Windows App Installer Packages Are Distributing the Emotet Malware

Emotet is a malware known as a banking Trojan. Malspam, spam email that contains malware, is the primary means by which it spreads. To persuade consumers, these communications…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379,…

Unpatched Windows Zero-Day Allows Privileged File Access

A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug. An unpatched Windows security vulnerability could allow information disclosure…

Hackers are targeting this Microsoft Windows Installer flaw, say security researchers

Hackers have already created malware in a bid to exploit an elevation of privilege vulnerability in Microsoft’s Windows Installer. Microsoft released a patch for CVE-2021-41379, an elevation of privilege flaw…

A New Microsoft Windows Installer Zero-day Is Exploited

Abdelhamid Naceri, a security researcher, made the zero-day in question public. He identified the flaw through an examination of the CVE-2021-41379 fix. It appears that the problem was not properly…

Attackers Actively Target Windows Installer Zero-Day

A researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month. Attackers are actively exploiting a Windows Installer zero-day vulnerability that…

Red Team: C2 frameworks for pentesting

Infosec Institute – C2 frameworks — the abbreviation for Command and Control (C&C) infrastructure — are how red teamers and pentesters control compromised machines during…

Time to upgrade? Windows 10 version 2004 support ends soon

Microsoft has reminded users to upgrade from Windows 10 version 2004, the April 2020 Update, which reaches end of life on December 14, 2021. This means no more security or…