Novel Exploit Chain Enables Windows UAC Bypass
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really…
Feds Warn of North Korean Cyberattacks on US Critical Infrastructure
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others…
New Phishing Campaign Using AI generated Emails, Human Live Chat to Target Social Media Business Accounts
Fraudsters leverage complex phishing scams in attempt to gain control over organizations’ Meta accounts A sophisticated phishing campaign is targeting…
Europol takes down 593 Cobalt Strike servers used by cybercriminals
Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt…
Critical MSMQ RCE Bug Opens Microsoft Servers to Complete Takeover
CVE-2024-30080 is the only critical issue in Microsoft's June 2024 Patch Tuesday update, but many others require prompt attention as…
AI is Revolutionizing Phishing for Both Sides. What will make the Difference?
Thanks to AI, phishing attacks are better than ever. So is our ability to stop them. By Antonio Sanchez, Principal…
Fortra Releases Update on Critical Severity RCE Flaw
The flaw has a CVSS rating of 9.8, and the company recommends product upgrades to fix the issue.
Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update
Microsoft has disclosed fewer flaws and zero-days in the first three months of 2024 compared with the first quarter of…
LabHost cybercrime service lets anyone phish Canadian bank users
The Phishing as a Service (PhaaS) platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in…
The Week in Ransomware – October 27th 2023 – Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.…