Experts found a new alarming method dubbed Bashware attack that allows attackers to silently run malware to bypass even the most common security solutions, The new Windows 10 feature Windows Subsystem for Linux (WSL) that implements the Linux bash terminal in Microsoft operating system could be exploited by malware to run undetected. The feature was recently

A design flaw within the Windows kernel could be exploited by attackers to evade antivirus and stop them from recognizing malware. A design flaw within the Windows kernel is the root cause for antivirus stopping from recognizing malware, and the bad news is that Microsoft won’t fix it because the tech giant doesn’t consider it as a security issue

The dreaded hacking group ShadowBrokers posted a new message, promising to deliver two data dumps a month as part its monthly dumps. The notorious group ShadowBrokers is back with announcing new interesting changes to their Dump Service. The hackers published a new message on the Steemit platform announcing new changed to their service. “Missing theshadowbro

A few months back we reported how opening a simple MS Word file could compromise your computer using a critical vulnerability in Microsoft Office.The Microsoft Office remote code execution vulnerability (CVE-2017-0199) resided in the Windows Object Linking and Embedding (OLE) interface for which a patch was issued in April this year, but threa

Microsoft released a new security update on June 17th in an attempt to patch a vulnerability which allowed the Stuxnet Virus to exploit Windows systems. The Stuxnet Virus which attacks Industrial Control Systems was first discovered in 2010 when it infected Iranian Programmable Logic Controllers.  Stuxnet compromises controllers by first targeting Windows op

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out th

Microsoft used the lawsuit to disrupt a large number of cyber espionage campaigns conducted by infamous Fancy Bear APT hacking group We have discussed several times about hacking back and the case we are going to analyze is a good example of an alternative approach to hit back an APT group. Microsoft used the lawsuit to disrupt a large number of cyber espio

Microsoft announced that Canonical’s Ubuntu Linux Distro is now available in the Windows Store and can be installed on any Windows Insider build=>#16215. Windows and Linux always closer. During the Microsoft Build developer conference held in Seattle in May the company announced that three free Linux distro will be included in its official app store, all

As part of the Microsoft Patch Tuesday, the tech giant fixed two critical flaws in Windows NTLM Security Protocol. Users must apply the patch asap. As part of the July Patch Tuesday, Microsoft has released security patches for a serious privilege escalation flaw affecting all Windows operating system versions for enterprises released since 2007. Experts at

Microsoft is warning sysadmins to check their Azure Active Directory Connect installs and patch them against an important Privilege Escalation flaw. Microsoft fixed an important privilege escalation vulnerability in Azure Active Directory (AD) Connect, tracked as CVE-2017-8613, that can be exploited by attackers to hijack the accounts of privileged users. A

Shadow Brokers has sent out the first round of exploits to the subscribers of its service, the hackers also threaten to dox former NSA hacker. In May the notorious Shadow Brokers group announced the launch of a monthly subscription model for its data dumps, 0-Day Exploit Subscriptions goes for $21,000 per month. The group claimed to have exploit codes for al

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele

The Google Project Zero expert Tavis Ormandy has found a flaw in Windows Defender that allow attackers to bypass the Microsoft anti-virus tool. The popular Google Project Zero hacker Tavis Ormandy has discovered a new bug in Windows Defender that allow attackers to circumvent the Microsoft anti-virus tool. Ormandy publicly disclosed the news of the vulnerabi

Conventional wisdom says one reason so many hackers seem to hail from Russia and parts of the former Soviet Union is that these countries have traditionally placed a much greater emphasis than educational institutions in the West on teaching information technology in middle and high schools, and yet they lack a Silicon Valley-like pipeline to help talented I

Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner