A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed. APT28 (aka Strontium, Forest Blizzard) has been using GooseEgg since potentially as far back as April 2019 to exploit CVE-2022-38028, Microsoft said in a new […]
First identified in late 2021, Raspberry Robin is a Windows worm initially seen targeting technology and manufacturing organizations. It has since grown to become one of the most prevalent threats facing enterprises. In March, the HP Threat Research team identified a change in the way cybercriminals are spreading Raspberry Robin. The malware is now being […]
The ‘WogRAT’ malware targets both Windows and Linux systems and uses the online notepad platform ‘aNotepad’ to store and retrieve malicious code, making its infection chain stealthy.
The bug affected versions 12.23.1 – 12.72.0 of ExpressVPN for Windows and allowed some DNS requests to bypass ExpressVPN’s server, potentially exposing users’ browsing history.
Feb 12, 2024 | Newsroom | Operating System / Technology: Microsoft said it’s introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. “Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session,” Microsoft Product Manager Jordi Adoumie said. “It […]
PurpleFox is a modular Windows botnet malware with rootkit capabilities, allowing it to hide and persist on infected devices, and it can be used for activities like introducing more potent payloads and launching DDoS attacks.
Jan 16, 2024 | Newsroom | Cryptocurrency / Windows Security: Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon […]
Jan 10, 2024 | Newsroom | Vulnerability / Windows Security: Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known […]