Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Microsoft releases five critical updates
Microsoft continued a trend of fewer updates than we are used to with only 9 bulletins (5 critical and 4 important) released this month. It stands to reason that Microsoft may …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full …
UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and …
Windows 10 Anniversary Update brings security improvements
Microsoft has scheduled the release of Windows 10 Anniversary Update for August 2. Aside from new and/or improved tools to aid with productivity, gaming, device set-up, and a …
Bloatware-be-gone refresh tool added to Windows 10
In the latest test build of Windows 10 Anniversary Update released last week, Microsoft has introduced a tool that allows users to get rid of bloatware and crapware with one …
Malware exploits BITS to retain foothold on Windows systems
If you’re sure that you have cleaned your system of malware, but you keep seeing malware-related network alerts, it’s possible that at some point you’ve been …
Windows zero-day exploit offered for sale on underground market
Someone is selling an exploit for a Windows zero-day on an underground market for Russian-speaking cyber criminals, and the current price is set at $90,000. Trustwave …
Tech support scammers start locking Windows computers
Tech support scammers have come up with a new way to trick users into sharing their payment card information: screen lockers showing fake Windows alerts telling users that …
CryptXXX 2.0 foils decryption tool, locks PCs
CryptXXX ransomware, first spotted in mid-April, has reached version 2.0, and a new level of nastiness. It’s also on its way to become one of the top ransomware families …
McAfee uses web beacons that can be used to track and serve advertising to users
A test of seven OEM laptops running Windows has shown consistent privacy and security issues, including an interesting revelation that the McAfee Antivirus running on six of …