Cybersecurity, CISA adds 7 new vulnerabilities in the exploited list
They are: CVE-2022-29464, CVE-2022-26904, CVE-2022-21919, CVE-2022-0847, CVE-2021-41357, CVE-2021-40450 and CVE-2019-1003029. Patch the flaws ASAP!
Cybercrime, TrickBot now uses an obfuscated batch script launcher
Bleeping Computer cybersecurity experts: The malware increased its advanced evasive capabilities.
Cybercrime, three well known techniques still successfully used to avoid detection
Yoroi-Cybaze cyber security experts: They are “The Broken Doc”, “Hide Payload with Office Developer Mode”, and “Spoofed Signature”or “Certificate Spoofing”.
Cybercrime for phishing uses web fonts to implement the encoding
Proofpoint cyber security experts: Threat actors exploit fake fonts to decode content and evade detection. At least since May 2018, but maybe earlier.