An organized and highly dynamic malware distribution campaign has been leveraging thousands of hacked websites to redirect users to web pages peddling fake software updates in an attempt to infect them with malware. According to Jerome Segura, the Malwarebytes researcher who analyzed multiple infection chains to piece together the grander […]

Microsoft has decided to remove a mandatory « registry key requirement » it introduced in the aftermath of the Meltdown and Spectre vulnerability disclosure. Microsoft used this registry key to prevent Windows updates from being installed on computers running antivirus software incompatible with the Meltdown and Spectre patches. Antivirus vendors were supposed […]

Researchers are warning of a new email phishing campaign that downloads and launches the Quant Loader trojan, capable of distributing ransomware and stealing passwords. Barracuda on Tuesday said it has been tracking emails containing zipped Microsoft internet shortcut files with a “.url” file extension  sent to millions of inboxes via […]

AMD released patches for Spectre Variant 2 attack that includes both microcode and operating system updates. AMD and Microsoft worked together to issue the updates on Tuesday. AMD and Microsoft released the microcode and security updates for Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation […]

The ICS-CERT and Siemens published are warning organizations of security flaws in Siemens devices (SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices) that could be exploited by hackers to target electrical substations. “Successful exploitation of these vulnerabilities could allow an attacker to upload a modified device configuration that could overwrite access […]