Author: nlqip

A new Linux backdoor called ‘WolfsBane’ has been discovered, believed to be a port of Windows malware used by the Chinese ‘Gelsemium’ hacking group. ESET security researchers who analyzed WolfsBane report that WolfsBane is a complete malware tool featuring a dropper, launcher, and backdoor, while it also uses a modified open-source rootkit to evade detection. The…

Read More

​Microsoft has released the November 2024 preview cumulative update for Windows 11 24H2, with 14 improvements and fixes for multiple issues, including some affecting File Explorer, the Clipboard history, and secondary displays. The KB5046740 update is part of Microsoft’s optional non-security preview updates schedule, pushed out on the fourth week of every month to help Windows…

Read More

Nvidia could finish its current fiscal year with revenue that is not only more than double what it made the previous year when it surpassed Intel in annual sales for the first time. It would also be 64 percent higher than the combined full-year revenues forecasted by Intel and AMD. Nvidia earned nearly 75 percent…

Read More

Microsoft has confirmed that, since November 12, some Windows 10 users have been unable to update or uninstall packaged applications like Microsoft Teams. This known issue is caused by the WinAppSDK 1.6.2 package, which was automatically delivered to affected users’ systems after installing an app developed using Win App SDK. On impacted Windows 10 22H2…

Read More

The BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre. This new information comes in an update to a joint advisory released in May by the same agencies, which…

Read More

​Microsoft and the Justice Department have seized over 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across the United States and worldwide since at least 2017. According to Microsoft’s Digital Defense Report 2024, ONNX (previously known as Caffeine) was the top Adversary in the Middle (AitM) phishing…

Read More

A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on. The landmark report Detecting and Mitigating Active Directory Compromises — released in September by cybersecurity…

Read More

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek…

Read More

A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses. Microsoft’s Active Directory (AD) is at the heart of identity and access…

Read More

‘[The] DOJ’s proposal would literally require us to install not one but two separate choice screens before you could access Google Search on a Pixel phone you bought. And the design of those choice screens would have to be approved by the Technical Committee. We wish we were making this up,’ says Google’s Kent Walker,…

Read More