Bitdefender researchers reveal how cyberattackers are abusing the built-in Windows MSHTA utility to silently deploy loaders and infostealers.
Tag: builtin
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
CloudZ RAT Abuses Windows Phone Link to Steal OTPs
A malware campaign is exploiting a built-in Windows feature to intercept sensitive data — without ever touching the victim’s phone. Cisco Talos researchers identified the CloudZ remote access trojan (RAT) using a custom plugin to monitor Microsoft’s Phone Link application and potentially capture SMS-based one-time passwords (OTPs). “MFA bypass is becoming a bigger and bigger…
Global Security News, Network Security
Megaport enhances network resilience with integrated DDoS protection
Megaport has announced the launch of Megaport DDoS Protection. This new built-in security capability for Megaport Internet allows customers to filter malicious traffic directly within the Megaport network, rather than routing it through a separate external service. This helps ensure mission-critical uptime without introducing additional latency or routing complexity. As enterprises increasingly migrate to distributed…
AI, Exploits, Global Security News
Exploits Turn Windows Defender into Attacker Tool
Three proof-of-concept exploits are being used in active attacks against Microsoft’s built-in security platform; two are unpatched.
AI, Global Security News, Network Security
Tails 7.6 ships automatic Tor bridge retrieval and a new password manager
Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant can now detect when a direct connection to Tor is restricted and automatically request bridges suited to the user’s region. The request goes through the Tor Project’s Moat API, and…
Global Security News, privacy
Firefox now has a free built-in VPN with 50GB monthly data limit
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. […]
AI, Global Security News
Introducing Apple Business — a new all‑in‑one platform for businesses of all sizes
Apple Business combines built-in mobile device management, business email and calendar services with custom domain support, and a powerful new option to reach local customers
AI, Global Security News, privacy, Risk Management
Firefox is getting a free built-in VPN
Mozilla is adding a free built-in VPN to Firefox, with the feature arriving in Firefox 149 on March 24. Privacy concerns often follow free VPN services, especially when unclear data practices put user information at risk. Mozilla says its version is grounded in its data principles and focus on trust, aiming to avoid the kinds…
AI, Global Security News, Risk Management
Virtue AI brings continuous stress testing to enterprise AI agents
Virtue AI has announced Agent ForgingGround with built-in Red-Teaming Agents, the first enterprise-scale testing ground designed to continuously evaluate and stress-test AI agents (including multi-agent systems) before, during, and after deployment. As organizations adopt large-scale AI agents, many enterprises are unprepared to manage agent risk. AI agents can call tools, access sensitive data, and execute…
AI, Apps, Endpoint, Exploits, Global Security News, malware
OAuth phishers make ‘check where the link points’ advice ineffective
Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultimately lead somewhere that isn’t. “OAuth includes a legitimate feature that allows identity…
AI, Apps, Endpoint, Exploits, Global Security News, malware
OAuth phishers make ‘check where the link points’ advice ineffective
Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultimately lead somewhere that isn’t. “OAuth includes a legitimate feature that allows identity…
Global Security News
EcoFlow Launches DELTA 3 Max Plus in Australia Class-Leading 2kWh Portable Power Station with 3000W Output
Anderson-ready portable power station with built-in high-current DC output for direct 4WD and caravan integration
Global Security News
Android app uses Bluetooth signals to detect nearby smart glasses
Smart glasses with built-in cameras are showing up in more public spaces, and a growing number of people want a way to know when one is nearby. An Android app called Nearby Glasses, developed by Yves Jeanrenaud, attempts to fill that gap by scanning Bluetooth Low Energy traffic for manufacturer identifiers associated with known smart…
AI, Apps, Cybersecurity, Europe, Global Security News, Government & Policy, privacy
European Parliament Blocks AI on Lawmakers’ Devices Over Security Fears
The European Parliament has disabled built-in artificial intelligence features on work devices used by lawmakers and their staff, following internal cybersecurity and privacy concerns. The decision was communicated in an internal email seen by Politico, which reported the move on Monday. According to the message from the Parliament’s IT support team, the institution could not…