Tag Archives: Microsoft

Another Windows zero day allows for admin privileges

Another Windows zero day allows for admin privileges

Researcher Abdelhamid Naceri who often reports on Windows bugs this time dropped a working proof-of-concept exploit for admin privileges zero-day on GitHub. According to Naceri it will work on all supported versions of Windows. This particular zero day can allow a potential bad actor to open a command prompt with SYSTEM privileges from an account with only low-level ‘Standard’ privileges. …

Read More »

Tiktok Phishing Campaign

Tiktok Phishing Campaign

Recently, on October 2, 2021, and November 1, 2021 one media outlet reported the news. Some bad actors conducted a rather large phishing campaign. According to a report it seemed like they primarily decided to target accounts with rather large audiences coverage. Scammers pretended to be from the Tiktok team. And attackers wrote in those emails that either they needed …

Read More »

Free Unofficial Patch for Zero-Day Bug in Windows

Free Unofficial Patch for Zero-Day Bug in Windows

During the late August Patch Tuesday Microsoft uncompletely patched a zero-day bug that goes by the identification CVE-2021-34484. The company only fixed the impact of the proof-of-concept (PoC). Earlier security researcher Abdelhamid Naceri made a report on the issue. This uncompletely patched bug affects all Windows versions, including Windows 10, Windows 11, and Windows Server 2022. In the Windows User …

Read More »

Microsoft reports TodayZoo – a “Franken-Phish” phishing toolkit

Microsoft reports"Franken-Phish"

In their blog Microsoft reported a very curious phishing kit – TodayZoo. It was primarily active this year, in spring and summer. The peculiarity of this kit lies in its built. This weird toolkit consists of particles of code from different works. Franken-Phish used to disguise itself under Zoom, Microsoft and Xerox products. Microsoft reported it to the AWS (Amazon …

Read More »