6 matches found
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first...
EUVD-2025-22054
Malicious code in bioql PyPI...
CVE-2025-0664
A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges...
Office for Mac Users Warned of Malicious SYLK Files
Microsoft Office for Mac users are being warned that malicious SYLK files are sneaking past endpoint defenses even when the “disable all macros without notification” is turned on. This leaves systems vulnerable to a remote, unauthenticated attackers who can execute arbitrary code. The warning com...
Clever Phishing Attack Enlists Google Translate to Spoof Login Page
UPDATE Recently-discovered phishing emails scoop up victims’ Facebook and Google credentials and hides its malicious landing page via a novel method – Google Translate. The phishing campaign uses a two-stage attack to target both Google and Facebook usernames and passwords, according to researche...
“Breaking Bad Security” – Tutorial 2 – Remote Access
Welcome to the second tutorial from our video series, “Breaking Bad Security!” This security series is designed to inform you about different tests, tricks, and free tools you can use to validate your security controls to ensure your environment is secure. In this series, we will provide...