Please turn on your JavaScript for this page to function normally.
WPS
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was …

x64dbg
x64dbg: Open-source binary debugger for Windows

x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide …

Patch Tuesday
Microsoft fixes 6 zero-days under active attack

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly …

Microsoft Windows
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days

A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A …

Windows
Researchers unearth MotW bypass technique used by threat actors for years

Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping …

Crowdstrike
Some good may come out of the CrowdStrike outage

Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having …

Microsoft Crowdstrike
Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for …

Crowdstrike
Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update

The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. …

Crowdstrike
Faulty CrowdStrike update takes out Windows machines worldwide

A more recent update on the situation (July 19, 2024, 12:42 ET) Hundreds of thousands and possibly millions of Windows computers and servers worldwide have been made …

Microsoft
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to …

Patch Tuesday
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …

malware
Clever macOS malware delivery campaign targets cryptocurrency users

Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorded Future’s researchers are …

Don't miss

Cybersecurity news