4 matches found
Attackers adopt JavaScript runtime Bun to spread NWHStealer
In our previous research, we analyzed a Windows infostealer we track as NWHStealer. The attackers behind this stealer are continuously finding new methods to distribute the stealer. During our hunting activities, we noticed how attackers are using a JavaScript runtime called Bun to help distribut...
New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered ...
Google Chrome is Abused to Deliver Malware as Legit Windows 10 App
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control UAC. Researchers from Rapid7 recently identified the campaign and warn the goal of t...
ByeIntegrity-UAC - Bypass UAC By Hijacking A DLL Located In The Native Image Cache
Bypass User Account Control UAC to gain elevated Administrator privileges to run any program at a high integrity level. Requirements Administrator account UAC notification level set to default or lower How it works ByeIntegrity hijacks a DLL located in the Native Image Cache NIC. The NIC is used ...