Security experts devised a stealth attack technique dubbed CIGslip that could be exploited by attackers to bypass Microsoft Code Integrity Guard (CIG) Security researchers at Morphisec discovered a discovered stealth attack technique dubbed CIGslip that could be exploited by attackers to bypass Microsoft Code Integrity Guard (CIG) and inject malicious libraries into protected processes. “Morphisec researchers Michael […]
Google Project Zero disclosed details of an unpatched flaw in the Edge browser because Microsoft failed to address it within a 90-day deadline. White hackers at the Google Project Zero have disclosed details of an unpatched vulnerability in the Edge browser because Microsoft failed to address it within a 90-day deadline according to the Google’s […]
Microsoft officially confirmed that Meltdown and Spectre patches could cause noticeable performance slowdowns contrary to what initially thought. Just after the disclosure of the Meltdown and Spectre vulnerabilities, many security experts argued that forthcoming patches will have a significant impact on the performance (30% degradation), but Intel pointed out that average users will not notice any difference. […]
CC/CERT is warning the Address Space Layout Randomisation (ASLR)Â isnât properly implemented in versions of Microsoft Windows 8 and newer. The researcher Will Dormann from the Carnegie-Mellon CERT has discovered the Address Space Layout Randomisation (ASLR)Â isnât properly implemented in versions of Microsoft Windows 8 and newer. Actually, with Windows 7 and EMET System-wide ASLR, the loaded […]
Powerdown the PowerShell Attacks : Harnessing the power of logs to monitor the PowerShell activities Lately, I have been working on analyzing the PowerShell attacks in my clientsâ environment. Based on the analysis and research, I have come up with a few indicators that will help to detect the potential PowerShell attacks in your environment […]
Another day, another news about a clamorous data breach, this time the Reuters agency revealed that Microsoft suffered a major security breach back in 2013. According to five former employees, hackers broke into the company vulnerabilities and bug reports database, but the news was never disclosed. The former employees explained that Microsoft addressed all the […]
Experts from security firm ESET discovered cyber criminals exploiting Microsoft Servers to mine Monero and already earned $63,000 in 3 Months. Mining cryptocurrencies is a profitable business, but it is also expensive because it needs significant investment in computing power. Crooks are using malicious code that steals computing resources of victims’ machine and the number of […]
Experts found a new alarming method dubbed Bashware attack that allows attackers to silently run malware to bypass even the most common security solutions, The new Windows 10 feature Windows Subsystem for Linux (WSL)Â that implements the Linux bash terminal in Microsoft operating system could be exploited by malware to run undetected. The feature was recently […]
A design flaw within the Windows kernel could be exploited by attackers to evade antivirus and stop them from recognizing malware. A design flaw within the Windows kernel is the root cause for antivirus stopping from recognizing malware, and the bad news is that Microsoft won’t fix it because the tech giant doesn’t consider it as a […]
The dreaded hacking group ShadowBrokers posted a new message, promising to deliver two data dumps a month as part its monthly dumps. The notorious group ShadowBrokers is back with announcing new interesting changes to their Dump Service. The hackers published a new message on the Steemit platform announcing new changed to their service. âMissing theshadowbrokers? If someone […]