Microsoft fixes MoTW zero-day used to drop malware via ISO files
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files,…
5 Easy Steps to Bypass Google Pixel Lock Screens
PIN-locked SIM card? No problem. It's easy for an attacker to bypass the Google Pixel lock screen on unpatched devices.
New hacking group uses custom ‘Symatic’ Cobalt Strike loaders
A previously unknown Chinese APT (advanced persistent threat) hacking group dubbed 'Earth Longzhi' targets organizations in East Asia, Southeast Asia,…
Lenovo fixes flaws that can be used to disable UEFI Secure Boot
Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to…
Patch Tuesday, November 2022 Election Edition
Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story…
VMware fixes three critical auth bypass bugs in remote access tool
VMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers…
Microsoft fixes ProxyNotShell Exchange zero-days exploited in attacks
Microsoft has released security updates to address two high-severity Microsoft Exchange zero-day vulnerabilities collectively known as ProxyNotShell and exploited in…
Microsoft November 2022 Patch Tuesday fixes 6 exploited zero-days, 68 flaws
Today is Microsoft's November 2022 Patch Tuesday, and with it comes fixes for six actively exploited Windows vulnerabilities and a…
Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics
The software giant also recorded an increase in attacks on IT services companies as state-backed threat actors have adapted to…
Robin Banks phishing service returns to steal banking accounts
The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection…