Update Your Windows PCs Immediately to Patch 4 New 0-Days Under Active Attack – Tempemail

Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. Two of the Continue Reading

Beware of Fake Amnesty International Antivirus for Pegasus that Hacks PCs with Malware – Tempemail

In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group’s Pegasus surveillanceware. “Adversaries have Continue Reading

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs – Tempemail

An unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an “unusual” campaign. The backdoor is distributed via Continue Reading

Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days – Tempemail

Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. Of the 117 Continue Reading

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide – Tempemail

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. 1, 2020, reside in a firmware update driver Continue Reading

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs – Tempemail

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software’s update mechanism and used it to drop malware on user computers. Continue Reading

Lenovo ThinkPad X1 Fold review: a glimpse at the future of folding PCs | Lenovo

Lenovo’s ThinkPad X1 Fold is an entirely new form – a tablet PC that closes like a book with a foldable screen. It may just be the future of the computer. The £2,500-plus X1 Fold joins a rarefied group of cutting edge folding-screen devices that include the reinvention of the Continue Reading

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs – Tempemail

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at Continue Reading

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks – Tempemail

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol (RDP) connection exposed to the Internet. The module, dubbed “rdpScanDll,” was discovered on January 30 and is Continue Reading