It is learnt that a new fileless attack method that exploits the Microsoft Windows Error Reporting (WER) service is the handiwork of an unknown hacking group. The attack vector, as per Malwarebytes security researchers Hossein Jazi and Jérôme Segura, hinges on malware interring itself in WER-based executables to dodge igniting Continue Reading
On Tuesday, technology giant Google released Chrome 86 to the stable channel, and this new release comprises many security improvements and new APIs for developers. Each new Chrome release typically focuses on a chief theme. For instance, Chrome 84 focused on UI repairs, while Chrome 85 fixated on speed and Continue Reading
On Monday, Microsoft said that Iranian cybercriminals are taking advantage of the Zerologon flaw in several hacking campaigns. Successful attacks would let hackers take over servers called domain controllers (DC) that are the foci of most enterprise networks and allow interlopers to gain full control over their targets. The company Continue Reading
A new ransomware vaccine program has been developed that terminates processes that use Microsoft’s vssadmin.exe application to strive to remove volume shadow copies. Windows can make copies of your system and data files every day and save them in snapshots of Shadow volume copy. If they are mistakenly changed Continue Reading
Zerologon is the name that has been given to a vulnerability identified in CVE-2020-1472. Due to the flaw in the logon process, it is called zerologon, where the initialization vector (IV) is set to all zeros all the time, while a random number should still be an initialization vector (IV). Continue Reading
By