NSA joins chorus urging Windows users to patch ‘BlueKeep’

The alert comes on the heels of Microsoft’s second advisory calling on people to take action before it’s too late. The United States’ National Security Agency (NSA) has issued a rare alert urging Windows users and administrators to waste no time in patching the critical ‘BlueKeep’ security flaw in older Windows systems. “This is the … More NSA joins chorus urging Windows users to patch ‘BlueKeep’

Microsoft reveals breach affecting webmail users

Some users of Microsoft’s web-based email services such as Outlook.com had their account information exposed in an incident that, as it later emerged, also impacted email contents. Microsoft has acknowledged a security incident that, for almost three months, gave hackers access to information related to an unknown number of email accounts on the tech giant’s … More Microsoft reveals breach affecting webmail users

Emotet launches major new spam campaign

The recent spike in Emotet activity shows that it remains an active threat. A week after adding a new email content harvesting module, and following a period of low activity, the malicious actors behind Emotet have launched a new, large-scale spam campaign. What is Emotet? Emotet is a banking Trojan family notorious for its modular architecture, … More Emotet launches major new spam campaign

PowerPool malware exploits ALPC LPE zero-day vulnerability

Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure. On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. It seems obvious that this was not part of a coordinated vulnerability disclosure and there was no … More PowerPool malware exploits ALPC LPE zero-day vulnerability