Bleeping Computer

Exploited Windows zero-day lets JavaScript files bypass security warnings

An update was added to the end of the article explaining that any Authenticode-signed file, including executables, can be modified to bypass warnings. A new Windows zero-day allows threat actors to ...
Dark Reading

Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection

Chinese language hackers are taking advantage of the Windows Installer (MSI) file format to bypass standard security checks. Hackers are known to deliver malware in the same sorts of familiar formats: ...

Microsoft Triple Warning — 3 Windows Security Bypass Threats Confirmed

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update groove on ASAP.
Infosecurity-magazine.com

Hackers Use Archive Files and HTML Smuggling to Bypass Detection Tools

Attackers have been increasingly encrypting malware in archives before releasing it in the wild. According to HP Wolf Security’s latest Threat Insights Report Q3 2022, 44% of malware was delivered via ...
Bleeping Computer

Microsoft fixes Windows zero-day bug exploited to push malware

Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. For those unfamiliar ...