Microsoft Introduces Linux-Like 'sudo' Command to Windows 11

Microsoft said it's introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. "Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session," Microsoft Product Manager Jordi Adoumie said. "It is an ergonomic and familiar solution for users who want to elevate a command

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS." "These

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL

Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of

What is the Essential Eight (And Why Non-Aussies Should Care)

In 2017, The Australian Cyber Security Center (ACSC) published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows networks, although variations of these strategies are commonly applied to other platforms. What is