A new feature proposal for the Python programming language wants to add "transparency" to the runtime and let security and auditing tools view when Python may be running potentially dangerous operations.
Rotem Kerner, a security researcher with enSilo, has discovered a new process injection technique that can be abused by malicious actors to hide malware inside Windows-based CLI applications.
A new PowerShell script was posted on GitHub recently that prompts a victim to enter their login credentials, checks if they are correct, and then sends the credentials to a remote server. This allows an attacker to distribute the script and harvest domain login credentials from their victims.
Malware that embeds a null character in its code can bypass security scans performed by the Anti-Malware Scan Interface (AMSI) on Windows 10 boxes.
Security researchers have spotted a booby-trapped PowerPoint file that will download malware to a computer whenever a victim hovers over a link, no macro scripts required.
Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a domain's DNS TXT records.
Lots of small ransomware infections / screenlockers this week, but no major infections were discovered. Thankfully, security researchers were able to create a bunch of decryptors and make them available for victims to recover their files. Of particular note was the San Francisco MTA getting hit hard by the HDDCryptor ransomware.
Microsoft researchers Itai Grady and Tal Be'ery released today a new tool designed to help system administrators protect enterprise networks from reconnaissance attacks.
Today Microsoft has released the Windows 10 Insider Preview Build 14971 for PC to Insiders on the fast ring. This release adds the ability to read EPUB books in Microsoft Edge, includes the Paint 3D application, and makes PowerShell the default shell from File Explorer and the Win+X menu.
This week we have 3 new ransomware variants, 2 new ransomware infections, and 4 new ransomware decryptors. Stampado finally popped its head out of its hole, but was quickly squashed and a slew of new decryptors were released. Overall, a good week for the good guys.
It is bad enough when a ransomware infection encrypts your data and demands a ransom, but it's even worse when shoddy programming destroys it instead. This is what happened in a new variant of the Power Worm ransomware where bad programming encrypts your data using AES encryption and then throws away the key