Gaming-related cyberthreats in 2020 and 2021

In this report, you will find statistics and other information about gaming-related malware, phishing schemes and other threats in 2020 and the first half of 2021.

Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon

Recently, X-Force Red released a tool called Windows Feature Hunter, which identifies targets for dynamic link library (DLL) side-loading on a Windows system using Frida. To provide a defensive counter-measure perspective for DLL side-loading, X-Force Incident Response has released SideLoaderHunter, which is a system profiling script and Sysmon configuration designed to identify evidence of side-loading […]

The post Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon appeared first on Security Intelligence.
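
The kind of live check a side-loading hunt performs, as an added example that is not SideLoaderHunter or any other X-Force code: walk the modules of every running process, skip DLLs loaded from Windows' own directories, and flag the two classic side-loading signatures, a DLL whose file name collides with one that ships in System32/SysWOW64 but was loaded from somewhere else, and a DLL with no valid Authenticode signature loaded by a signed executable. The directory list and the two heuristics are this example's own assumptions, not the tool's.

```powershell
# Added example (not X-Force's SideLoaderHunter): heuristic hunt for DLL side-loading
# in running processes. Heuristics (assumptions of this example):
#   1. DLL name collides with a DLL that ships in System32/SysWOW64 but was loaded
#      from a directory outside the Windows tree (search-order hijack / side-load).
#   2. A validly signed EXE has loaded a DLL whose signature is missing or invalid.

$systemDirs = @(
    "$env:SystemRoot\System32",
    "$env:SystemRoot\SysWOW64",
    "$env:SystemRoot\WinSxS"
)

# Lookup table of DLL names that Windows itself ships.
$knownSystemDlls = @{}
foreach ($dir in $systemDirs[0..1]) {
    Get-ChildItem -Path $dir -Filter *.dll -File -ErrorAction SilentlyContinue |
        ForEach-Object { $knownSystemDlls[$_.Name.ToLower()] = $true }
}

# Signature checks are slow; cache one result per file path.
$sigCache = @{}
function Get-SigStatus([string]$Path) {
    if (-not $sigCache.ContainsKey($Path)) {
        $sigCache[$Path] = (Get-AuthenticodeSignature -FilePath $Path -ErrorAction SilentlyContinue).Status
    }
    return $sigCache[$Path]
}

$findings = foreach ($proc in Get-Process -ErrorAction SilentlyContinue) {
    $exe = $proc.Path
    if (-not $exe) { continue }                 # protected process / access denied
    $modules = try { $proc.Modules } catch { @() }   # 32-bit targets from 64-bit PS throw
    foreach ($m in $modules) {
        $dll = $m.FileName
        if (-not $dll -or $dll -notmatch '\.dll$') { continue }
        $dllDir = Split-Path $dll -Parent
        if ($systemDirs | Where-Object { $dllDir -like "$_*" }) { continue }  # genuine Windows copy

        $reasons = @()
        if ($knownSystemDlls.ContainsKey((Split-Path $dll -Leaf).ToLower())) {
            $reasons += 'name collides with a System32/SysWOW64 DLL'
        }
        $exeSig = Get-SigStatus $exe
        $dllSig = Get-SigStatus $dll
        if ($exeSig -eq 'Valid' -and $dllSig -ne 'Valid') {
            $reasons += "signed EXE loaded DLL with signature status '$dllSig'"
        }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                ProcessName = $proc.ProcessName
                PID         = $proc.Id
                Executable  = $exe
                Dll         = $dll
                Reason      = ($reasons -join '; ')
            }
        }
    }
}

$findings | Sort-Object Dll -Unique | Format-Table -AutoSize
```

Run it from an elevated prompt, otherwise module lists for other users' processes are empty. Expect noise from legitimately side-by-side DLLs (browsers and Electron apps ship their own copies of some system DLL names), so the output is a triage list, not an alert. It also only sees what is loaded right now; a loader that ran and exited leaves nothing for this script, which is why the defensive tooling pairs a profiling script with a Sysmon configuration: Sysmon Event ID 7 (Image loaded) records every DLL load with its path and signature state and keeps the evidence after the process is gone.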

Scammers are using fake Windows 11 installers to spread malware

Windows 11 won’t hit the street until later this year, but that hasn’t stopped hackers from trying to use it to infect victims with malware. Security firm Kaspersky warned on Friday that crooks were exploiting people overeager to get their hands on the Microsoft operating system update, due for fall release, with fake installers. “Although Microsoft has made the process of downloading and installing Windows 11 from its official website fairly straightforward, many still visit other sources to download the software, which often contains unadvertised goodies from cybercriminals (and isn’t necessarily Windows 11 at all),” Kaspersky wrote. Those sarcastic “goodies” range from relatively innocuous adware to password stealers and trojans. It’s not unprecedented for cybercriminals to use demand for a product or service to take advantage of victims, be it coronavirus contact tracing apps or the Telegram encrypted messaging app. Microsoft announced Windows 11 in late June, and shortly after […]

The post Scammers are using fake Windows 11 installers to spread malware appeared first on CyberScoop.

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)

Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities.
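
A read-only exposure check for these two Spooler bugs, as an added example that is not Kaspersky's or Microsoft's code. It reports whether the Spooler service is running, whether it still accepts remote RPC client connections, and the Point and Print policy values that Microsoft's CVE-2021-34527 guidance singled out. The registry paths and value semantics below are taken from that guidance as the author of this example remembers it and are flagged in the code as assumptions to verify against current Microsoft documentation; the script changes nothing.

```powershell
# Added example (not Kaspersky's or Microsoft's code): read-only check of the
# Print Spooler settings relevant to CVE-2021-1675 / CVE-2021-34527.
# ASSUMPTIONS (verify against current Microsoft guidance):
#   - RegisterSpoolerRemoteRpcEndPoint = 2 means "Allow Print Spooler to accept
#     client connections" is disabled (no inbound remote printing RPC surface).
#   - PointAndPrint\NoWarningNoElevationOnInstall = 1 or UpdatePromptSettings = 1
#     re-enables the non-admin driver install path the exploit relies on.
#   - PointAndPrint\RestrictDriverInstallationToAdministrators = 0 explicitly
#     lets non-admins install drivers; undefined means "depends on patch level".

function Get-PrintNightmareExposure {
    $r = [ordered]@{}

    # 1. Service state: a stopped/disabled Spooler is unreachable by either CVE.
    $svc = Get-Service -Name Spooler -ErrorAction SilentlyContinue
    $r.SpoolerStatus    = if ($svc) { $svc.Status.ToString() }    else { 'NotInstalled' }
    $r.SpoolerStartType = if ($svc) { $svc.StartType.ToString() } else { 'n/a' }

    # 2. Inbound remote printing (the RPC attack surface for the RCE case).
    $printersPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
    $rpc = (Get-ItemProperty -Path $printersPolicy -Name RegisterSpoolerRemoteRpcEndPoint `
                -ErrorAction SilentlyContinue).RegisterSpoolerRemoteRpcEndPoint
    $r.AcceptsRemoteClients = if ($rpc -eq 2) { 'No (policy disabled)' } else { 'Yes (default)' }

    # 3. Point and Print policy values. $pnp may be $null when the key is absent;
    #    property access on $null yields $null, which reads as "not defined".
    $pnp = Get-ItemProperty -Path (Join-Path $printersPolicy 'PointAndPrint') -ErrorAction SilentlyContinue
    foreach ($name in 'NoWarningNoElevationOnInstall', 'UpdatePromptSettings', 'RestrictDriverInstallationToAdministrators') {
        $v = $pnp.$name
        $r[$name] = if ($null -eq $v) { 'not defined' } else { $v }
    }

    # Overall verdict: exposed only if the service is up AND a weakening value is set.
    $weakened = ($pnp.NoWarningNoElevationOnInstall -eq 1) -or
                ($pnp.UpdatePromptSettings -eq 1) -or
                ($null -ne $pnp.RestrictDriverInstallationToAdministrators -and
                 $pnp.RestrictDriverInstallationToAdministrators -eq 0)
    $r.Assessment = if ($r.SpoolerStatus -ne 'Running') {
        'Spooler not running: not exposed'
    } elseif ($weakened) {
        'EXPOSED: Spooler running with Point and Print weakened by policy'
    } else {
        'Spooler running; Point and Print at defaults (exposure depends on patch level)'
    }
    [pscustomobject]$r
}

Get-PrintNightmareExposure | Format-List
```

On servers that do not need to print, the blunt workaround Microsoft published at the time was simply `Stop-Service -Name Spooler -Force` followed by `Set-Service -Name Spooler -StartupType Disabled`; the script above deliberately only reports so it can be run fleet-wide before deciding where that is acceptable (domain controllers and print servers being the usual exceptions).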

WildPressure targets the macOS platform

We found new malware samples used in WildPressure campaigns: a newer version of the C++ Milum Trojan, a corresponding VBScript variant with the same version number, and a Python script working on both Windows and macOS.

Hunting for Windows “Features” with Frida: DLL Sideloading

Offensive security professionals have been using Frida for analyzing iOS and Android mobile applications. However, there has been minimal usage of Frida for desktop operating systems such as Windows. Frida is described by the author as a “Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.” From a security research and adversarial simulation perspective, Frida […]

The post Hunting for Windows “Features” with Frida: DLL Sideloading appeared first on Security Intelligence.

PuzzleMaker attacks with Chrome zero-day exploit chain

We detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.

IT threat evolution Q1 2021

SolarWinds attacks, MS Exchange vulnerabilities, a fake adblocker distributing a miner, malware for the Apple Silicon platform and other threats in Q1 2021.

Esper raises $30M Series B for its IoT DevOps platform

There may be billions of IoT devices in use today, but the tooling around building (and updating) the software for them still leaves a lot to be desired. Esper, which today announced that it has raised a $30 million Series B round, builds the tools to enable developers and engineers to deploy and manage fleets […]

Try This One Weird Trick Russian Hackers Hate

In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick.
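
The trick itself, scripted, as an added example that is not from KrebsOnSecurity: report whether the current user's language list already contains a layout from the set such malware is said to avoid, and add one on request. The tag list is this example's assumption. Which tags a given family actually inspects, and whether it reads the installed layout list, the UI language, or the system locale, differs from strain to strain, so a present layout is cheap hygiene rather than a control you can rely on.

```powershell
# Added example (not KrebsOnSecurity's): check for, and optionally add, a
# Cyrillic keyboard layout in the current user's Windows language list.
# ASSUMPTION: these BCP-47 tags are the ones worth testing for; real malware
# checks vary (layout list vs. UI language vs. locale), so this is hygiene only.
$CisTags = @('ru-RU', 'uk-UA', 'be-BY', 'kk-KZ')

function Test-CisKeyboardLayout {
    # Get-WinUserLanguageList returns the per-user list shown in Settings > Language.
    $installed = @((Get-WinUserLanguageList).LanguageTag)
    [pscustomobject]@{
        Installed    = $installed
        HasCisLayout = [bool]($installed | Where-Object { $CisTags -contains $_ })
    }
}

function Add-CisKeyboardLayout([string]$Tag = 'ru-RU') {
    $list = Get-WinUserLanguageList
    if ($list.LanguageTag -contains $Tag) { return (Test-CisKeyboardLayout) }
    $list.Add($Tag)   # PowerShell converts the string to a WinUserLanguage entry
    # -Force suppresses the confirmation prompt; this only touches the current user.
    Set-WinUserLanguageList -LanguageList $list -Force
    Test-CisKeyboardLayout
}

# Report only; call Add-CisKeyboardLayout to actually add the layout.
Test-CisKeyboardLayout | Format-List
```

Adding a layout this way makes it visible in the language bar for that user, which is the trade-off the blog post discusses; it does not affect the system locale, and it is per-user, so a fleet rollout would have to run in each user's context or use the corresponding policy settings.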