Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls

November 21, 2024 at 02:01PM
Microsoft has acknowledged issues affecting Windows 10 users unable to update or uninstall packaged apps, including Microsoft Teams, due to the WinAppSDK 1.6.2 package. A fix is forthcoming, and the problematic update has been pulled. Users can access workarounds via PowerShell or Command Prompt until the resolution is deployed.

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

October 15, 2024 at 03:42AM
Cybersecurity researchers identified a new malware campaign delivering Hijack Loader artifacts signed with legitimate certificates. The campaign employs deceptive tactics like fake CAPTCHA pages and PowerShell scripts to deploy the Lumma information stealer. Meanwhile, other malware, including CoreWarrior and XWorm, exhibit increasing sophistication and capabilities in cyberattacks.

Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills

July 16, 2024 at 05:50PM
The top three technologies for new hires in enterprise security operations centers (SOCs) are SIEM, host-based extended detection and response, and vulnerability remediation. Additionally, hard skills such as cloud security, PowerShell expertise, and automation are highly valued. Soft skills like critical thinking, problem solving, attention to detail, and communication are …

ViperSoftX variant spotted abusing .NET runtime to disguise data theft

July 10, 2024 at 02:28AM
The ViperSoftX malware, identified in 2020, has now evolved to use .NET CLR to obfuscate its PowerShell commands, concealing them in AutoIt-generated scripts. This sophisticated malware targets professionals by infiltrating pirated eBooks and aims to steal system information and cryptocurrency. Trellix’s report provides detection details for this new variant. Key …

The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell

May 23, 2024 at 01:42AM
Microsoft announced the deprecation of Visual Basic Script (VBScript) in favor of advanced alternatives like JavaScript and PowerShell. The plan will be implemented in three phases, ultimately eliminating VBScript from Windows. Additionally, Microsoft’s Recall feature has raised privacy concerns, with the U.K. Information Commissioner’s Office seeking transparency and safeguards for …

Microsoft to start killing off VBScript in second half of 2024

May 22, 2024 at 02:35PM
Microsoft will deprecate VBScript by 2024, making it an on-demand feature and eventually removing it. Program manager Naveen Shankar said newer scripting languages like JavaScript and PowerShell offer better capabilities for modern web development and automation. VBScript will be gradually phased out, with the final retirement expected around 2027 due …

Malicious PowerShell script pushing malware looks AI-written

April 10, 2024 at 12:19PM
Adversaries are utilizing AI-generated PowerShell scripts, likely produced using OpenAI’s ChatGPT, Google’s Gemini, or Microsoft’s Copilot, to execute attacks such as the distribution of the Rhadamanthys information stealer. This marks a concerning trend of threat actors applying AI for malicious activities, prompting concerns about the potential impact on cybersecurity and …

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

March 18, 2024 at 02:33PM
A new complex attack campaign, DEEP#GOSU, employing PowerShell and VBScript malware to infect Windows systems and gather sensitive information has been linked to the North Korean state-sponsored group Kimsuky. The campaign uses legitimate services like Dropbox and Google Docs for command-and-control, and has been observed using methods such as utilizing …

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

February 4, 2024 at 12:19PM
CERT-UA has warned of over 2,000 computers in Ukraine infected with DirtyMoe malware, attributed to threat actor UAC-0027. The malware conducts cryptojacking and DDoS attacks, and is propagated through Purple Fox and fake software installers. Another campaign known as STEADY#URSA targets Ukrainian military personnel with a PowerShell backdoor. Gamaredon is …

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

January 31, 2024 at 06:22AM
UNC4990, a financially motivated threat actor, is using weaponized USB devices to infect organizations in Italy. The attacks target various industries and involve utilizing third-party websites to host and download additional stages of the attack. UNC4990 operates out of Italy and has been active since late 2020. The end goal …