-
Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware leverages advanced evasion techniques and installs legitimate remo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly demonstrated attack technique has revealed a flaw in how Windows Defender manages its update and execution mechanism. By exploiting symbolic links, attackers can hijack Defender’s service folders, gain full control over its executables, and eve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korean-aligned threat group APT37, also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has evolved its cyber warfare capabilities by deploying sophisticated Rust and Python-based malware in recent campaigns targeting Windows systems. Ac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out using tools already available on the Windows operating system. The vulnerability was detailed by Zero […] The post Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
After a security breach, forensic investigators work quickly to follow the attacker’s trail. Security experts have analyzed this situation and found that a key source of evidence is often overlooked: Microsoft Azure Storage logs. While frequently overlooked, these logs provide invaluable insights that can help reconstruct an attack, trace data theft, and identify security gaps. […] The post How Microsoft Azure Storage Logs Aid Forensics Following a Security Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cryptojacking campaign that hijacks Windows’ native Character Map utility (“charmap.exe”) to evade Windows Defender and covertly mine cryptocurrency on compromised machines. First detected in late August 2025, this attack exploits legit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new botnet called NightshadeC2 that employs an innovative “UAC Prompt Bombing” technique to evade Windows Defender and compromise endpoint security systems. In August 2025, eSentire’s Threat Response Unit (TRU) identif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently patched vulnerability in a core Windows driver could allow a local attacker to execute code with the highest system privileges, effectively taking full control of a target machine. The flaw, identified as CVE-2025-53149, is a heap-based buffer overflow discovered in the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys). Microsoft addressed the issue in […] The post Windows Heap-based Buffer Overflow Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Microsoft Windows systems that allows attackers to escalate their privileges and potentially gain complete control over affected machines. The vulnerability, designated CVE-2025-53149, affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ESET security researchers have uncovered a sophisticated cyber threat campaign targeting Windows servers across multiple countries, with attackers deploying custom malware tools designed for both remote access and search engine manipulation. Cybersecur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
