-
QBot phishing abuses Windows Control Panel EXE to infect devices
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software.
- November 17, 2022
- 01:19 PM
0
-
LockBit ransomware abuses Windows Defender to load Cobalt Strike
Security analysts have observed an affiliate of the LockBit 3.0 ransomware operation abusing a Windows Defender command line tool to decrypt and load Cobalt Strike beacons on the target systems.
- July 29, 2022
- 10:29 AM
5
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
QBot phishing uses Windows Calculator DLL hijacking to infect devices
The operators of the QBot malware have been using a DLL hijacking flaw in Windows Calculator to infect computers, which also helps evade detection by security software.
- July 24, 2022
- 11:18 AM
- 0
-
Adobe Acrobat may block antivirus tools from monitoring PDF files
Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users.
- June 21, 2022
- 02:44 PM
- 2
-
Conti, REvil, LockBit ransomware bugs exploited to block encryption
Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today.
- May 03, 2022
- 05:34 PM
- 0
-
New Windows 'Pingback' malware uses ICMP for covert communication
Today, Trustwave researchers have disclosed their findings on a novel Windows malware sample that uses Internet Control Message Protocol (ICMP) for its command-and-control (C2) activities. Dubbed "Pingback," this malware targets Windows 64-bit systems, and uses DLL Hijacking to gain persistence.
- May 04, 2021
- 09:00 AM
- 1
-
TrickBot turns 100: Latest malware released with new features
The TrickBot cybercrime gang has released the hundredth version of the TrickBot malware with additional features to evade detection.
- November 21, 2020
- 11:01 AM
- 0
-
Valorant update causes VCRUNTIME140.dll is missing error, how to fix
After installing today's Valorant update, Windows users are reporting that they are unable to launch the game and are shown a 'VCRUNTIME140.dll is missing' error.
- September 01, 2020
- 04:37 PM
- 0
-
Hackers Replace Windows Narrator to Get SYSTEM Level Access
Chinese hackers are replacing the legitimate Narrator app on targeted Windows systems with a trojanized version that gives them remote access with privileges of the most powerful account on the operating system.
- September 25, 2019
- 12:26 PM
- 0
-
Check Point Patches Privilege Escalation Flaw in Endpoint Client
Check Point Software patched a vulnerability discovered in its Endpoint Security Initial Client software for Windows allowing potential attackers to escalate privileges and execute code using SYSTEM privileges.
- August 27, 2019
- 02:53 PM
- 1
-
Bitdefender Fixes Privilege Escalation Bug in Free Antivirus 2020
A vulnerability in the free version of Bitdefender Antivirus could be exploited by an attacker to get SYSTEM-level permissions, reserved for the most privileged account on a Windows machine.
- August 22, 2019
- 12:53 AM
- 1
-
Trend Micro Fixes Privilege Escalation Bug in Password Manager
A vulnerability in Trend Micro's Password Manager could be exploited to run programs with the permissions of the most privileged account on a Windows system.
- August 15, 2019
- 05:10 AM
- 1
-
DLL Cryptomix Ransomware Variant Installed Via Remote Desktop
The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services.
- April 18, 2019
- 05:25 AM
- 0
-
Man Pleads Guilty to Manipulating Lottery Winning Tickets via Hacked Computer
Eddie Tipton, 54, admitted to creating malware in the form of a DLL file, which he loaded on the secure computers of the Multi-State Lottery Association (MSLA), a company that runs lotteries in 33 states, but also in the District of Columbia, Puerto Rico and the U.S. Virgin Islands.
- July 11, 2017
- 06:06 AM
- 0
-
Locky / Zepto Ransomware now being installed from a DLL
Over the past few days, the Locky / Zepto developers have switched to using a DLL to install the Locky Ransomware rather than an executable. This is probably being done for further obfuscation and to bypass executable blockers as rundll32.exe is typically white listed.
- August 26, 2016
- 02:21 PM
- 1
