Zero-click Windows TCP/IP RCE vulnerability patched, patch now

Microsoft has warned customers to patch a critical TCP/IP remote code execution (RCE) vulnerability that affects all Windows systems with IPv6 enabled. The vulnerability, tracked as CVE-2024-38063, is caused by an Integer Underflow weakness and can be exploited to trigger buffer overflows, allowing attackers to execute arbitrary code. The security bug has been labeled “wormable,” …

RansomHub Gang Deploys New EDR-Killing Malware

RansomHub ransomware operators have started deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. The malware, named EDRKillShifter by Sophos security researchers, deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security solutions, and take control of the system. According to …

China-linked cyber-spies infect Russian govt, IT sector with malware

A group of cyber-spies suspected of having connections to China has been accused of compromising dozens of computers belonging to Russian government agencies and IT providers since late July, according to Kaspersky. The attackers, tracked as APT27 and APT31, gained initial access to their victims’ devices via phishing emails. They then used cloud services and …