Aggregator
No one knows how many old shims can still bypass UEFI Secure Boot
The vast majority of UEFI computers carry a Microsoft certificate that will trust a small first-stage loader called a shim, a program Microsoft signs so that Linux and assorted boot tools can run with Secure Boot on. Eleven of those signed shims turned out to be old enough to undo the protection they were meant to support. ESET researchers found the vulnerable versions, all at 0.9 or below, and Microsoft revoked them in its June … More →
The post No one knows how many old shims can still bypass UEFI Secure Boot appeared first on Help Net Security.
Attacker Used AI to Build Custom PowerShell Recon Malware
Attacker Used AI to Build Custom PowerShell Recon Malware
免费 Grok 4.5 正式发布!编码能力极强,支持 Grok Build 和 Cursor,附使用教程!
瑞士军方拥抱开源切断与微软的合作
瑞士军方拥抱开源切断与微软的合作
Kratos PhaaS Targets US and EU: How to Reduce Microsoft 365 Account Takeover Risk
Kratos is a mature Phishing-as-a-Service operation targeting Microsoft 365 users across the US, Europe, and other regions. By combining trusted platforms, anti-bot checks, and convincing login pages, ithelps attackers steal credentials while delaying detection and response. For security leaders, that increases the risk of account takeover, fraud, data exposure, and higher incident response costs. ANY.RUN […]
The post Kratos PhaaS Targets US and EU: How to Reduce Microsoft 365 Account Takeover Risk appeared first on ANY.RUN's Cybersecurity Blog.