Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Windows 11 is showing its first signs of Rust

Categories: News Tags: Windows 11 Tags: OS Tags: operating system Tags: programming language Tags: rust Tags: C Tags: C++ Tags: kernel Tags: buffer overflow We take a look at the slow introduction of programming language Rust into the Windows 11 kernel in an effort to make it more memory safe. (Read more...) The post Windows 11 is showing its first signs of Rust appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#android#mac#windows#google#microsoft#linux#c++#buffer_overflow
Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick along the way.

Microsoft Advisories Are Getting Worse

A predictable patch cadence is nice, but the software giant can do more.

Why High Tech Companies Struggle with SaaS Security

It's easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world’s youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues their entire lives. Perhaps it is due to their familiarity with technology that causes them to overlook

CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware. "Similar to web shell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS SQL server,

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. "The attack campaign has been leveraging rather

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 5 and May 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Making Sure Lost Data Stays Lost

Retired hardware and forgotten cloud virtual machines are a trove of insecure confidential data. Here's how to ameliorate that weakness.