The Walliant application is a Potentially Unwanted Application (PUA). It is promoted as an app that automatically changes desktop wallpapers. Though it in fact has hidden functionality: hijacking your bandwidth, it works as proxyware. This can eventually lead to rather unpleasant consequences. This unwanted app has a website that allows users to download it. However,… Continue reading Walliant App
Tag: Windows
Taskbarify Unwanted Application
Taskbarify is unwanted software (like a Movidown)that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show you what is so dangerous about this utility, and how to remove it. What is Taskbarify? Taskbarify is a Windows utility classified as… Continue reading Taskbarify Unwanted Application
DLL Search Order Hijacking Technique Bypasses Protection
A new DLL (Dynamic Link Library) Search Order Hijacking variant emerged. This method capitalizes on executables in the trusted WinSxS folder of Windows 10 and 11, allowing threat actors to execute malicious code without needing high privileges. How Does DLL Search Order Hijacking Work? Researchers detect a novel DLL search order hijacking variant. It leverages… Continue reading DLL Search Order Hijacking Technique Bypasses Protection
PoolParty Injection Techniques Circumvent EDR Solutions
A set of process injection techniques, named PoolParty, was presented at the Black Hat Europe 2023 conference. A set of 8 tricks allows to force running any malicious code, and circumvents protection of top-notched EDR solutions. PoolParty Process Injection Exploits Windows Mechanisms The initial presentation of the techniques, along with further analysis, reveals a chain… Continue reading PoolParty Injection Techniques Circumvent EDR Solutions
Information Security Experts Published a PoC Exploit for a Vulnerability in Win32k
Information security experts have published a PoC exploit for a privilege escalation vulnerability in the Win32k driver that was fixed in May. Let me remind you that this bug received the identifier CVE-2023-29336 (7.8 points on the CVSS scale) and was discovered by Avast researchers. CVE-2023-29336 has been reported to affect systems running Windows 10… Continue reading Information Security Experts Published a PoC Exploit for a Vulnerability in Win32k
What is “Windows Key Code Is Not Valid And Seems Pirated”?
Windows Key Code Is Not Valid And Seems Pirated appears to be a new scary scam approach used to trick Windows users. Banners with this prompt may appear out of nowhere, and can really scare inexperienced users. Let me explain to you what’s the matter with this banner, if you really have any issues, and… Continue reading What is “Windows Key Code Is Not Valid And Seems Pirated”?
Windows 7 Extended Security Update Program cancelled
On January 8, 2023, Microsoft announced the cancellation of the ESU program for Windows 7. The OS version released back in 2009 now lost all the support from its developer. In January 2020, Microsoft canceled all updates for Windows 7, and the only Service Pack for this version was released in 2013. Let’s see what… Continue reading Windows 7 Extended Security Update Program cancelled
Hack Group Witchetty Hides Malware in the Windows Logo
Symantec researchers have discovered a malicious campaign by the hacker group Witchetty, which uses steganography to hide malware in an image with the Windows logo. Let me remind you that we also wrote that Hackers hide MageCart skimmers in social media buttons. Experts remind that the Witchetty hack group is associated with the Chinese group… Continue reading Hack Group Witchetty Hides Malware in the Windows Logo
Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service
Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service Access to Work or School. The problem is present on devices running Windows 10, version 1809 (and later). The bug is related to a bypass of the information disclosure patch (CVE-2021-24084) released by Microsoft engineers in February this year. This month, cybersecurity researcher… Continue reading Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service
Cybersecurity researchers published an exploit for Windows that allows escalating privileges
Bleeping Computer reported that cybersecurity researcher has published an exploit for a new zero-day vulnerability that can be used to escalate local privileges in all supported versions of Windows, including Windows 10, Windows 11 and Windows Server 2022. The journalists write that they have already tried the exploit in action and were able to open… Continue reading Cybersecurity researchers published an exploit for Windows that allows escalating privileges