The UK's Competition and Markets Authority has provisionally given the go-ahead for the acquisition of Avast by NortonLifeLock. It said the merger won't give the firm a monopoly position.
Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched.
Certain Windows PCs with Gigabyte and Asus motherboards have been found to be infected with a new "CosmicStrand" UEFI rootkit. The malware is an evolution of an older rootkit dubbed "Spy Shadow".
Microsoft will soon start blocking Office macros once again. The company has updated its support documentation with clear explanations and step-by-step instructions for users and IT admins.
Microsoft is privately informing some enterprise customers about a high-risk worm called "Raspberry Robin" spreading across hundreds of Windows networks through infected USB devices.
A newly discovered zero-day vulnerability in modern Windows versions allows bad actors to launch a Windows Search window and connect to infected directories using a single Word file.
Sophisticated "Alien" spyware is targeting Android users to download "Predator" malware, which can record audio, hide apps, and perform several more nefarious activities. Google has sent out patches.
Microsoft has issued a warning about the growing threat posed by human-operated ransomware in the ransomware-as-a-service (RaaS) gig economy. It has also provided some guidance for organizations.
A new Magniber ransomware campaign is infecting potential victims using fake Windows updates. Upon successful infection, the threat actors are asking for payment of around $2,600 in BTC.
Google Drive users are warned about suspicious files that may have been laced with malware. The banners alerting about viruses have now been extended to each file in Google Docs, Sheets, and Slides.
Google has revealed that it banned over 190,000 malicious and spammy developers from the Play Store last year. Similarly, 1.2 million apps that violated Play Store policies were also removed.
Microsoft has outlined some steps that organizations can leverage to manage their IoT security. These involve threat modeling and building a Zero Trust solution, among many other things.
A security company has published details about Hive ransomware currently targeting vulnerable Microsoft Exchange servers and encrypting environments with a "windows.exe" file containing ransomware.
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year, but some positive insights can be drawn too.
Similar to many previous campaigns of this nature, a fake Microsoft lookalike Windows 11 download website has been found to infect victims' computers with a novel Inno info stealer malware.
In our latest recap for the Microsoft-verse, we have lots of stuff to talk about including tons of Windows updates, recent cybersecurity incidents, and some useful features being added to Edge.
The PowerShell Windows Toolbox that was hosted on GitHub was found to contain malicious files. This third-party Windows tool claimed to install Google Play Store, debloat Windows 11, and more.
Microsoft has publicly revealed the identity and location of a perpetrator behind ZLoader in order to deter others. The person had developed a ZLoader component that is used to distribute ransomware.
The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities.
The US Department of Justice has released a statement about a secret FBI operation that removed a bot network controlled by the Russian Federation's Main Intelligence Directorate (GRU) last month.
A new stealer malware called Vidar has been discovered. Vidar is distributed via emails and disguised as a Microsoft CHM help or support file that goes on to steal user data and information.
A new remote access trojan (RAT), BitRAT, has been found, which is being distributed through fake Windows product license key activation tools. It is able to bypass detections by Windows Defender.
A new malware campaign, dubbed CryptoRom, is sneaking malware onto iPhone and iPad devices through apps and services that Apple itself offers to users who are willing to test unvetted apps.
A new crypto wallet information stealing Kraken botnet has been discovered by ZeroFox. The malware is able to easily bypass Windows Defender scans by simply adding itself as an exclusion.
A fake Microsoft lookalike website has been discovered recently which is distributing a dangerous RedLine malware in the form of a Windows 11 installer package. The RedLine malware is a stealer.
Microsoft said earlier today via a blog post that it will block all Office files (Access, Excel, PowerPoint, Visio, and Word) that contain VBA macros, by default, to protect users from malware.
Back in December last year, Microsoft had disabled the MSIX app installer protocol to prevent malicious spoofing attempts and attacks. Today, a formal announcement has come regarding the matter.
Microsoft has shared some details about a trojan dubbed "UpdateAgent", which is targeting Mac devices. It is becoming more sophisticated in each campaign and may distribute dangerous payloads.
Google Drive can now display warning banners to alert users of potentially malicious files. The new resource is available to all Google Workspace, G Suite Basic, and Business users.
According to a CrowdStrike report, Linux malware and malware samples have increased by a lot in 2021 as compared to a year prior. One of the malware types has seen submissions increase by tenfold.
A Raspberry Pi, trained using malware activity, was able to predict an ongoing attack by monitoring specific electromagnetic waves. This detection system is independent of the potential targets.
A malicious email that claims to be an employee termination letter is doing the rounds on the internet. This email is actually a Dridex malware attack and hopes to trick its potential victims.
Google says it is working with partners to disrupt the resilient Glupteba botnet. It is also taking legal action against the suspected botnet operators to put a permanent stop to the botnet.
A fake KMSPico Windows activator has been discovered by security company Red Canary. The malware is capable of stealing information from various crypto wallets, among other things, using a Cryptbot.
It's been a relatively slow week due to the holidays in the U.S., but there are still notable news items you might want to catch up on including a complaint against Microsoft in the EU.
Free and light benchmarking utility UserBenchmark is flagged by close to two dozen anti-virus programs as malware, according to VirusTotal. Windows Security, too, flags it as a "Severe" trojan.
This week, Insiders finally got their hands on Android apps on Windows, new builds for Windows 11, Windows 10 21H1, and Windows 10 21H2. Details about Halo Infinite's PC version were revealed too.
A WHQL-certified driver called "FiveSys" was detected by Bitdefender which was, in reality, a malicious rootkit. After learning about it, Microsoft removed the driver's signature.
"Made on Windows 11 Alpha" themed malicious Microsoft Word documents have been discovered by the security researchers at Anomali. The maldoc implements VBA macros to deliver a JavaScript payload.