Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products.
A campaign against Microsoft 365 users leverages Quantum Route Redirection, which simplifies previously technical attack steps and has affected victims across 90 countries.
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia.
The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.
Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.
Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.
The service, likely a rebrand of a previous operation called 'Caffeine,' mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.
An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that spreads the multifaceted malware.
The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections.
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
The "nOAuth" attack allows cross-platform spoofing and full account takeovers, and enterprises need to remediate the issue immediately, researchers warn.
The June 2023 Patch Tuesday security update included fixes for a bypass for two previously addressed issues in Microsoft Exchange and a critical elevation of privilege flaw in SharePoint Server.
Microsoft says the vulnerability could allow cyberattackers with root access to bypass security protections and install malware.
Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.
BlackLotus is the first in-the-wild malware to exploit a vulnerability in the Secure Boot process on Windows, and experts expect copycats and imminent increased activity.