Recent Security News
-
Web Shells Gain Sophistication for Stealth, Persistence
November 22, 2023 at 03:06PM Experts say that web shells, which are easy-to-use tools used to issue commands to compromised servers, are becoming more popular among attackers. The use of web shells such as WSO-NG and others by ransomware gangs and in mass exploitation campaigns has been observed. Web shells are difficult to detect and…
-
Qatar Cyber Agency Runs National Cyber Drills
November 22, 2023 at 02:45PM Qatar’s National Cyber Security Agency (NCSA) is conducting cyber drills involving around 170 key organizations to assess their cybersecurity readiness and identify weaknesses. The drills aim to measure the ability to address attacks and threats, and improve coordination, expertise, and response capabilities. This is part of Qatar’s National Cyber Security…
-
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
November 22, 2023 at 02:45PM A proof of concept exploit has been developed for a critical zero-day vulnerability in Windows SmartScreen technology that allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit requires a user to click on a maliciously crafted Internet shortcut or link. The vulnerability affects Windows 10, Windows…
-
Researchers Undermine ‘Windows Hello’ on Lenovo, Dell, Surface Pro PCs
November 22, 2023 at 02:30PM Researchers, with support from Microsoft, have found ways to compromise three common fingerprint readers used in PCs. They were able to exploit the biometric security of Dell, Lenovo, and Microsoft laptops by taking advantage of the communication between the sensors and the devices. The manufacturers have since patched their chips.…