Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

November 2, 2023 at 05:30AM Researchers have discovered that up to 34 different Windows drivers could be exploited by threat actors without privileged access to gain control of devices and execute arbitrary code. Exploiting these drivers could allow attackers to erase or alter firmware and elevate privileges. The vulnerabilities have been identified in drivers including …

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware

October 30, 2023 at 12:42AM A cyber attack campaign has been using MSIX Windows app package files to distribute a new malware loader named GHOSTPULSE. The attack targets popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex. Potential victims are enticed to download the packages through compromised websites, SEO poisoning, or malvertising. …

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

October 23, 2023 at 02:09PM The Quasar RAT malware is using DLL side-loading to steal data from compromised Windows hosts. The malware disguises itself as legitimate files, such as ctfmon.exe and calc.exe, to avoid detection. It can gather system information, execute commands, and establish remote access. The attack vector is likely phishing emails. Stay vigilant …

Lost and Stolen Devices: A Gateway to Data Breaches and Leaks

October 18, 2023 at 08:48AM Lost and stolen computers pose a significant risk to data security, accounting for 17% of breaches. The threats include unauthorized access, lack of encryption, and physical access to corporate networks. To mitigate this risk, organizations should train employees, implement geolocation and geofencing, conduct endpoint data discovery, apply endpoint data encryption, …

Over 40,000 admin portal accounts use ‘admin’ as a password

October 17, 2023 at 05:54PM IT administrators are using weak passwords to protect access to portals, leaving enterprise networks vulnerable to cyberattacks. Over 40,000 administrator credentials analyzed had the default password “admin,” showing a lack of strong authentication. Researchers warn that threat actors are targeting privileged users. To defend networks, strong and unique passwords should …

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

October 14, 2023 at 02:48AM Microsoft plans to eliminate NT LAN Manager (NTLM) in Windows 11, focusing instead on strengthening the Kerberos authentication protocol. New features in Windows 11 include Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos. NTLM has vulnerabilities that make it susceptible to …