From The Hacker News – New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
From The Hacker News – Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
From The Hacker News – ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. "Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell
From Cyber Security News – What is Cryptographic Failures?

 Cryptographic failures occur when the mechanisms and protocols designed to secure data and communications through encryption break down, become compromised, or fail to perform as expected. These failures compromise the…
From The Hacker News – Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as
From The Hacker News – Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team