Windows

APT36 is a highly sophisticated APT (Advanced Persistent Threat) group that is known for conducting targeted espionage in South Asia and is strongly linked to Pakistan. While this APT group is known for targeting the...

A recent cyberattack effort was discovered that used a malicious Word document delivered via phishing emails, causing victims to download a loader that launched a succession of malware payloads.  OriginBotnet, RedLine Clipper, and Agent Tesla...

Threat actors have been actively employing Loda, a remote access trojan (RAT) developed in AutoIT, an accessible language for automating Windows computer scripting. The malware may deliver various harmful payloads in addition to keylogging, taking...

Recently, cybersecurity researchers at Deep Instinct have asserted that hackers can exploit the Windows container isolation framework to bypass the security defenses and mechanisms of organizations. Containers revolutionize the way applications are packaged and isolated,...

Hackers actively leverage LOLBAS (Living-Off-the-Land Binaries-And-Scripts), it's a popular methodology that is used by threat actors for exploiting legit tools for hiding the illicit actions performed by them. Since LOLBAS gaining traction at a rapid...

A phishing website impersonating the popular Russian site CryptoPro CSP has been detected by the Cyble Research and Intelligence Labs (CRIL) in a recent discovery. The distribution of DarkWatchman malware was being carried out by...

Following a series of cyberattacks, including ransomware attacks, Microsoft recently revoked several Microsoft hardware developer accounts. In a coordinated disclosure, the news came from the following entities:- Microsoft Mandiant Sophos SentinelOne Authenticode signatures from Microsoft's Windows Hardware Developer Program have...

Windows Security Center is one of the most popular and trusted products from Microsoft. This product allows you to protect your PC from malware and other threats. However, some users may experience some performance...

It was revealed recently by security researchers at Varonis Threat Labs, that Microsoft Windows contains two vulnerabilities in Event logs, one of which can be exploited in order to cause a Denial of Service...

In a recent investigation, the Sygnia security firm found Linux-based ransomware, Cheerscrypt. This ransomware was found using the TTPs of Night Sky ransomware. There is a common threat group called Emperor Dragonfly (A.K.A. DEV-0401/BRONZE STARLIGHT)...