#SecurityBypassFlaw

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

by

March 27, 2024 at 04:09AM A new phishing campaign discovered by Trustwave SpiderLabs involves a novel loader malware delivering Agent Tesla via a deceptive bank payment notification email. The malware evades detection and antivirus defenses, retrieves its payload using unique URLs, and exfiltrates data via legitimate email accounts. This tactic poses challenges for detection and … Read more

Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw

by

November 22, 2023 at 02:45PM A proof of concept exploit has been developed for a critical zero-day vulnerability in Windows SmartScreen technology that allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit requires a user to click on a maliciously crafted Internet shortcut or link. The vulnerability affects Windows 10, Windows … Read more