New Code Signing Evades Detection
Financially motivated threat actors have started using new code signing tricks to increase the chances of their software evading detection on Windows systems. The new technique has been used by…
Hive Nightmare Workaround
After setting the "days since a security cock-up" counter back to zero, Microsoft has published an official workaround for its Access Control Lists (ACLs) vulnerability (CVE-2021-36934). Use the icacls command…
Windows Hello Bypass
Researchers tricked Windows Hello, the passwordless authentication system built into Windows 10 and Windows 11, using a single infrared image accompanied by an all-black frame. Windows Hello encompasses three authentication…