Fake Updates Continue To Be A Digital Risk: What To Do?

In this digital era, online threats are booming as much as the internet user base. Sometimes, malware infects devices due to vulnerabilities unknown to people. However, it frequently comes as…

Beware of Fake Windows 11 Downloads Distributing Vidar Malware

Phishing domains are spreading Windows 11 installers loaded with the Vidar infostealer. According to the cybersecurity firm Zscaler ThreatLabz, threat actors are trying to install info-stealing malware on users’ devices…

Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1

Besides Windows 11, Microsoft Teams and Mozilla Firefox, Oracle VirtualBox, Ubuntu Desktop and the Safari browser were also hacked on day one of Pwn2Own 2022 in Vancouver. Pwn2Own is a…

Beware of Fake Windows 11 Update Delivering Malware

According to researchers, the fake upgrade injects malware onto Windows-based devices and steals crypto wallets and browsing data. CloudSEK security researchers have discovered a fake Windows 11 update website that…

Fake Windows website dropped Redline malware as Windows 11 upgrade

The domain name used by threat actors in this campaign was convincing enough to trick users into downloading a fake Windows installer that would lead to malware infection. A fake Microsoft…

Windows 10 Drive-By RCE Triggered by Default URI Handler

There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. Researchers have discovered a drive-by remote code-execution (RCE) bug…

Fake Adobe Windows App Installer Packages Are Distributing the Emotet Malware

Emotet is malware known as a banking Trojan. Malspam, meaning spam emails that contain malware, is the primary means by which it spreads. To persuade consumers, these communications…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379,…

Unpatched Windows Zero-Day Allows Privileged File Access

A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug. An unpatched Windows security vulnerability could allow information disclosure…