Recently, the cybersecurity firm Eclypsium discovered suspected backdoor-like activities within Gigabyte systems. The platform’s heuristic detection methods uncovered the new supply chain threats, where legitimate third-party technologies are compromised. The primary concern lies with Gigabyte system firmware executing a Windows native executable during the system startup process. This executable proceeds…

Microsoft is reportedly working on a new project, codenamed “Windows CorePC,” that aims to modernize the Windows operating system. The project incorporates ideas from previous Microsoft products, including Windows Core OS and Windows 10X. Windows CorePC will put modularity at the center of the system, allowing for flexible optimization for…

In this scenario, we assume that we have a reverse shell to the victim’s machine and want persistence on the machine. For this, we will use Windows services. First, we start by creating a malicious .exe file called mal.exe with msfvenom. With this payload, we will be able to create…

A threat actor calling herself ‘0xFF’ advertised a new RAT on HackForums. According to the threat actor, this new RAT tool supports Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin (macOS) (amd64 (Intel), arm64 (M1)) and Android (bin) (amd64, i386, arm, arm64). This multi-OS RAT has features…

CVE-2022-26809 is a vulnerability within the Remote Procedure Call Runtime component in Microsoft Windows. An attacker who successfully exploits the vulnerability could run arbitrary code on the affected system. To exploit this vulnerability, an attacker would need to send a specially crafted RPC call to an RPC…

If the DHCP service is enabled and the DHCP server is temporarily or permanently unavailable, TCP/IP assigns the machine a class B IP address from 169.254.0.0 to 169.254.255.255. This function in Windows is called “Automatic Private IP Addressing”. If you want to use static IP addresses on the machine, you need…

Windows 11 was made available to Insider users. Microsoft released the Windows 11 ISO file for test users today. To test Windows 11 with the Insider program, users had to update from Windows 10 build 21354. Windows 11, which is still in beta, has finally been released. It is…

With the Zone Identifier, we can tell whether or not a file was downloaded from the internet. A file with the zone.identifier extension is an ADS (Alternate Data Stream) file that contains information about another file. It describes the security zone for the file. Zone identifier files are generated by Internet Explorer and Outlook…