OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script

July 30, 2024 at 03:24AM A new phishing campaign, known as OneDrive Pastejacking, uses social engineering to trick Microsoft OneDrive users into executing a malicious PowerShell script. The attack simulates a OneDrive page and gives users false instructions for fixing a DNS error. The campaign has been observed in various countries, signaling a …

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

June 18, 2024 at 10:00AM Threat actors are distributing malicious software through free/pirated commercial software. Hijack Loader masquerades as a Cisco Webex Meetings’ ptService module, stealthily introducing Vidar Stealer. The attack uses DLL side-loading and PowerShell scripts, while other actors employ social engineering tactics to deliver malware like Lumma Stealer and SolarMarker. This underscores the …

Microsoft: New critical Exchange bug exploited as zero-day

February 14, 2024 at 06:29PM Microsoft has warned of a critical vulnerability in Exchange Server, CVE-2024-21410, allowing remote unauthenticated threat actors to escalate privileges. The company has released Exchange Server 2019 Cumulative Update 14 to address this and enable NTLM credential relay protections. Admins are advised to evaluate their environments before toggling EP on Exchange …

Microsoft shares script to update Windows 10 WinRE with BitLocker fixes

January 11, 2024 at 01:35PM Microsoft released a PowerShell script to automate updating the WinRE partition and fix CVE-2024-20666, a BitLocker encryption bypass vulnerability. This addresses a known issue causing KB5034441 install failures on Windows 10, leaving devices vulnerable. The script applies an architecture-specific Safe OS Dynamic Update and reconfigures WinRE for BitLocker service. It’s …