New Windows Flaw Lets Attackers Bypass Mark of the Web

Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against ...
Bleeping Computer

Exploited Windows zero-day lets JavaScript files bypass security warnings

An update was added to the end of the article explaining that any Authenticode-signed file, including executables, can be modified to bypass warnings. A new Windows zero-day allows threat actors to ...

Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent

A newly disclosed macOS vulnerability bypasses Apple’s TCC privacy controls, allowing silent access to files, microphone data, and user activity.
Bleeping Computer

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of DLL hijacking and mock directories to bypass Windows 10's UAC security feature and run elevated commands without alerting a user. Windows UAC is a ...
Dark Reading

Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection

Chinese language hackers are taking advantage of the Windows Installer (MSI) file format to bypass standard security checks. Hackers are known to deliver malware in the same sorts of familiar formats: ...