Author Archives: CSIRT

Zero-click RCE vulnerability in Hikvision security cameras could lead to network compromise

Abuse of flaw could give attackers greater access to devices even than its owner. A zero-click vulnerability (https://portswigger.net/daily-swig/vulnerabilities) in a popular IoT security camera could allow an unauthenticated attacker to gain full access to the device and possibly internal networks, a researcher has warned. The researcher, dubbed ‘Watchful IP’, has released details of the unauthenticated remote […]

New Zloader attacks disable Windows Defender to evade detection

By Sergiu Gatlan. An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus (formerly Windows Defender) on victims’ computers to evade detection. According to Microsoft’s stats, Microsoft Defender Antivirus is the anti-malware solution pre-installed on more than 1 billion systems running Windows 10. The attackers have also changed the malware delivery vector from spam or phishing […]

VPN users unmasked by zero-day vulnerability in Virgin Media routers

Disclosure comes two years after privacy-busting flaw was discovered. A zero-day vulnerability in Virgin Media Super Hub 3 routers enables attackers to unmask the true IP addresses of VPN (https://portswigger.net/daily-swig/vpn) users, security researchers have revealed. Fidus Information Security, a UK pen-testing (https://portswigger.net/daily-swig/pen-testing) consultancy, has published details of the flaw nearly two years after first alerting Virgin Media, […]

Apple iPhone iOS 14.8 patches security exploit used by Pegasus spyware

Apple has released security updates for its devices after researchers identified a so-called “zero-click” exploit affecting its iMessage messaging service. The previously-unidentified vulnerability affects all of Apple’s current devices, including iPhones, iPads, Apple Watches and Mac computers, the researchers said, adding that Apple users should “immediately” update their devices. The exploit, named “FORCEDENTRY” by the University […]

New malware can infect Windows and Linux devices; 70 different VirusTotal antivirus can’t detect it

The Windows Subsystem for Linux (WSL) is a companion feature released by Microsoft in 2016 to run a Linux image in a near-native environment on Windows, allowing administrators to use Linux command-line tools without using a virtual machine. This was a novel implementation, although doubts about the security of this development arose immediately. While […]