PT-2024-29123 · Unknown · Absolute Secure Access

Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.07 Description: The issue is related to an elevation of privilege vulnerability in server and client components. Attackers with local access and valid desktop user credentials can elevate their...

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX...

TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control UAC to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers at Morphisec Labs te...