Security Alerts & News
by Tymoteusz A. Góral

#1208 Windows UAC bypass leaves systems open to malicious DLLs
Researchers have crafted a stealthy new way of bypassing Windows User Account Controls (UAC) that opens the door to attacks on targeted systems. According researchers, the bypass technique can fly under the radar of security solutions that monitor for this type of circumvention.

The UAC bypass technique works on Windows 10 systems, and as opposed a number of other UAC bypasses techniques, this one does not raise red flags because it doesn’t rely on a privileged file copy or code injection, according to Matt Graeber and Matt Nelson who found the workaround and outlined it in a technical breakdown on the Enigmaox3 website.
Read more
#1214 New attack that cripples HTTPS crypto works on Mac, Windows and Linux
#1213 KeySniffer vulnerability opens wireless keyboards to snooping
#1212 Unpatched smart lighting flaws pose IoT risk to businesses
#1211 Amazon Silk browser ignored SSL searches, failing to protect your privacy
#1210 Microsoft Authenticator – coming August 15th! Supports AzureAD & Microsoft acct!
#1209 In-the-wild Ransomware Protection Comparative Analysis 2016 Q3 (PDF)
#1208 Windows UAC bypass leaves systems open to malicious DLLs
#1207 O2 customer data sold on dark net
#1206 Facebook admits blocking WikiLeaks’ DNC email links, but won’t say why
#1205 New evidence suggests DNC hackers penetrated deeper than previously thought
#1204 NIST prepares to ban SMS-based two-factor authentication
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12