A newly discovered phishing campaign, known as the FLUX#CONSOLE campaign, has taken the cybersecurity community by surprise. Unveiled by the Securonix Threat Research team, this sophisticated attack targets users through Microsoft Common Console Document (MSC) files, showcasing a departure from the traditional use of malicious LNK shortcut files to deliver stealthy backdoor payloads on Windows systems. Phishing Tactics The campaign
As the release of iOS 18.2 approaches, iPhone users around the world are eager to explore the new features and improvements it brings. However, it’s crucial to prepare your device to ensure a smooth transition and safeguard your data. Before jumping into the exciting new functionalities like Genmoji and Visual Intelligence, it’s essential to create a robust backup. While iCloud
The cybersecurity landscape is constantly evolving, and the latest threat has emerged from a zero-day vulnerability in Cleo’s managed file transfer (MFT) tool. Identified as CVE-2024-50623, this vulnerability has led to an active ransomware campaign that poses significant risks to organizations using Cleo products such as Cleo Harmony, Cleo VLTrader, and Cleo LexiCon. The recent publication of a proof-of-concept exploit
December’s Patch Tuesday has arrived, bringing a slew of updates from Microsoft aimed at addressing vulnerabilities across various platforms. This month, Microsoft released 74 updates, targeting Windows, Office, and Edge, but notably excluding Microsoft Exchange Server and SQL Server. Among these updates, a critical zero-day vulnerability (CVE-2024-49138) affecting Windows desktops demands immediate attention. Let’s delve into the key updates and
The rapidly advancing world of technology continually faces new challenges, and one of the most critical of these is ensuring the security of software systems. Recently, a significant vulnerability was discovered in Windows 11, allowing attackers to gain elevated system privileges through an integer overflow vulnerability in the ksthunk.sys driver. This flaw was unveiled during the TyphoonPWN 2024 event, shedding
In a significant push to strengthen the resilience and security of its operating systems, Microsoft is set to roll out a series of advanced security features for Windows by 2025. These updates aim to address critical user and application privileges, enhance recovery mechanisms from system crashes, and fortify overall system defenses. The upcoming enhancements cover a broad spectrum of improvements,
For those frustrated with an abundance of unnecessary components slowing down their computers, Tiny11 offers a potentially perfect solution for anyone looking for a minimalistic and efficient Windows 11 experience. This utility, developed by NTDEV, has recently been updated to support the latest Windows 11 24H2 edition. By focusing on removing bloatware, Tiny11 allows users to install a streamlined version
In a sophisticated cyber attack campaign dubbed CRON#TRAP, cybercriminals are targeting Windows machines using weaponized Linux virtual machines to bypass traditional defenses. The threat begins with a cleverly disguised phishing email containing a malicious shortcut (‘.lnk’) file masked as a "OneAmerica Survey." When the user executes this file, it deploys a substantial 285MB package that includes a legitimate virtualization tool,
A newly uncovered vulnerability in Windows Themes has the potential to expose NTLM credentials to attackers, putting numerous Windows users at risk. Despite Microsoft issuing a patch for the CVE-2024-38030 vulnerability, which aimed to address the Windows Themes spoofing issue initially reported by Tomer Peled of Akamai, the flaw remains largely unmitigated across several Windows platforms. Further research conducted by
Recent revelations have unveiled critical security flaws in Realtek’s SD card reader driver, RtsPer.sys, which affect numerous laptops from major manufacturers such as Dell, Lenovo, HP, and MSI. These vulnerabilities, some of which have remained undisclosed for years, pose serious risks to users by potentially allowing attackers to leak kernel memory, write to arbitrary kernel addresses, and access physical memory
A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach researcher Alon Leviev said in
NVIDIA has issued a critical security update for its GPU Display Driver, addressing multiple vulnerabilities that pose significant risks such as remote code execution, privilege escalation, and data tampering on Windows and Linux systems. The driver facilitates essential communication between the operating system and NVIDIA graphics cards, enabling complex graphical tasks. Regular updates are thus pivotal for maintaining optimal performance
