Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Administered by:

Server stats:

218
active users

eupolicy.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.8

#uac

0 posts0 participants0 posts today
Walk News<p><a href="https://www.walknews.com/915957/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">walknews.com/915957/</span><span class="invisible"></span></a> Windows 11の次期セキュリティ機能「管理者保護」でユーザー・開発者が注意するべきこと – 窓の杜 <a href="https://jforo.com/tags/Science" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Science</span></a> <a href="https://jforo.com/tags/Science" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Science</span></a>&amp;Technology <a href="https://jforo.com/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://jforo.com/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> <a href="https://jforo.com/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> <a href="https://jforo.com/tags/WindowsHello" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WindowsHello</span></a> <a href="https://jforo.com/tags/%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>システム</span></a> <a href="https://jforo.com/tags/%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0%E3%83%BB%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>システム・ファイル</span></a> <a href="https://jforo.com/tags/%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>セキュリティ</span></a> <a href="https://jforo.com/tags/%E3%83%86%E3%82%AF%E3%83%8E%E3%83%AD%E3%82%B8%E3%83%BC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>テクノロジー</span></a> <a href="https://jforo.com/tags/%E3%83%97%E3%83%AD%E3%82%B0%E3%83%A9%E3%83%9F%E3%83%B3%E3%82%B0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>プログラミング</span></a> <a href="https://jforo.com/tags/%E7%A7%91%E5%AD%A6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>科学</span></a> <a href="https://jforo.com/tags/%E7%A7%91%E5%AD%A6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>科学</span></a>&テクノロジー <a href="https://jforo.com/tags/%E7%AE%A1%E7%90%86%E8%80%85%E4%BF%9D%E8%AD%B7" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>管理者保護</span></a></p>
ANY.RUN<p>🚨 New <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> campaign uses <a href="https://infosec.exchange/tags/DBatLoader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DBatLoader</span></a> to drop <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> RAT.<br>The infection relies on <a href="https://infosec.exchange/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> bypass with mock directories, obfuscated .cmd scripts, Windows <a href="https://infosec.exchange/tags/LOLBAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LOLBAS</span></a> techniques, and advanced persistence techniques. At the time of analysis, the samples had not yet been submitted to <a href="https://infosec.exchange/tags/VirusTotal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VirusTotal</span></a> ⚠️</p><p>🔗 Execution chain:<br><a href="https://infosec.exchange/tags/Phish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phish</span></a> ➡️ Archive ➡️ DBatLoader ➡️ CMD ➡️ SndVol.exe (Remcos injected) </p><p>👨‍💻 <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANYRUN</span></a> allows analysts to quickly uncover stealth techniques like LOLBAS abuse, injection, and UAC bypass, all within a single interactive analysis session. See analysis: <a href="https://app.any.run/tasks/c57ca499-51f5-4c50-a91f-70bc5a60b98d/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=dbatloader&amp;utm_term=150525&amp;utm_content=linktoservice" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">app.any.run/tasks/c57ca499-51f</span><span class="invisible">5-4c50-a91f-70bc5a60b98d/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=dbatloader&amp;utm_term=150525&amp;utm_content=linktoservice</span></a></p><p>🛠️ Key techniques:<br>🔹 <a href="https://infosec.exchange/tags/Obfuscated" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Obfuscated</span></a> with <a href="https://infosec.exchange/tags/BatCloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BatCloak</span></a> .cmd files are used to download and run <a href="https://infosec.exchange/tags/payload" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>payload</span></a>.<br>🔹 Remcos injects into trusted system processes (SndVol.exe, colorcpl.exe). <br>🔹 Scheduled tasks trigger a Cmwdnsyn.url file, which launches a .pif dropper to maintain persistence. <br>🔹 Esentutl.exe is abused via LOLBAS to copy cmd.exe into the alpha.pif file. <br>🔹 UAC bypass is achieved with fake directories like “C:\Windows “ (note the trailing space), exploiting how Windows handles folder names. </p><p>⚠️ This threat uses multiple layers of stealth and abuse of built-in Windows tools. Behavioral detection and attention to unusual file paths or another activity are crucial to catching it early. <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANYRUN</span></a> Sandbox provides the visibility needed to spot these techniques in real time 🚀</p>
defensedaily<p>Russia Offers Su-57 Fighter Jets to India with Joint Production Option </p><p><a href="https://defensemirror.com/news/38772/Russia_Offers_Su_57_Fighter_Jets_to_India_with_Joint_Production_Option" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">defensemirror.com/news/38772/R</span><span class="invisible">ussia_Offers_Su_57_Fighter_Jets_to_India_with_Joint_Production_Option</span></a></p><p><a href="https://mstdn.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://mstdn.social/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>India</span></a> <a href="https://mstdn.social/tags/Su57" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Su57</span></a> <a href="https://mstdn.social/tags/Sukhoi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sukhoi</span></a> <a href="https://mstdn.social/tags/jointproduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>jointproduction</span></a> <a href="https://mstdn.social/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> <a href="https://mstdn.social/tags/AeroIndia25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AeroIndia25</span></a> <a href="https://mstdn.social/tags/Rosoboronexport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rosoboronexport</span></a> <a href="https://mstdn.social/tags/UkraineWar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UkraineWar</span></a> <a href="https://mstdn.social/tags/stealth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>stealth</span></a> <a href="https://mstdn.social/tags/AESA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AESA</span></a> <a href="https://mstdn.social/tags/fighter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fighter</span></a></p>
Worlddefensereport<p>Russia Offers Su-57 Fighter Jets to India with Joint Production Option </p><p><a href="https://defensemirror.com/news/38772/Russia_Offers_Su_57_Fighter_Jets_to_India_with_Joint_Production_Option" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">defensemirror.com/news/38772/R</span><span class="invisible">ussia_Offers_Su_57_Fighter_Jets_to_India_with_Joint_Production_Option</span></a></p><p><a href="https://mstdn.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://mstdn.social/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>India</span></a> <a href="https://mstdn.social/tags/Su57" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Su57</span></a> <a href="https://mstdn.social/tags/Sukhoi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sukhoi</span></a> <a href="https://mstdn.social/tags/jointproduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>jointproduction</span></a> <a href="https://mstdn.social/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> <a href="https://mstdn.social/tags/AeroIndia25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AeroIndia25</span></a> <a href="https://mstdn.social/tags/Rosoboronexport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rosoboronexport</span></a> <a href="https://mstdn.social/tags/UkraineWar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UkraineWar</span></a> <a href="https://mstdn.social/tags/stealth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>stealth</span></a> <a href="https://mstdn.social/tags/AESA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AESA</span></a> <a href="https://mstdn.social/tags/fighter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fighter</span></a></p>
SciPost Physics<p>New <a href="https://scipost.social/tags/openaccess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openaccess</span></a> publication <a href="https://scipost.social/tags/SciPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SciPost</span></a> <a href="https://scipost.social/tags/Physics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Physics</span></a> Core</p><p>Functional renormalization group approach for signal detection</p><p>Vincent Lahoche, Dine Ousmane Samary, Mohamed Tamaazousti<br>SciPost Phys. Core 7, 077 (2024)<br><a href="https://scipost.org/SciPostPhysCore.7.4.077" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">scipost.org/SciPostPhysCore.7.</span><span class="invisible">4.077</span></a></p><p><a href="https://scipost.social/tags/CEASaclay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CEASaclay</span></a> <a href="https://scipost.social/tags/ParisSaclayUniversity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ParisSaclayUniversity</span></a> <a href="https://scipost.social/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a></p>
ricardo :mastodon:<p>Novel Exploit Chain Enables <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> <a href="https://fosstodon.org/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> Bypass </p><p><a href="https://www.darkreading.com/vulnerabilities-threats/exploit-chain-windows-uac-bypass" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/vulnerabilitie</span><span class="invisible">s-threats/exploit-chain-windows-uac-bypass</span></a></p>
Maria von Bolla<p>2/x</p><p>Weil das Plenum mit seinen Plenumsmenschen entschieden hatte, dass man das Auffangcamp <a href="https://mastodon.social/tags/UAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC</span></a> (Unser Aller Camp) jetzt ja nicht mehr brauchen würde obwohl es bis Ende Februar genehmigt war, geriet ich erneut in eine stressige Art Räumungssituation ohne Geld obwohl ich das Trauma in <a href="https://mastodon.social/tags/L%C3%BCtzerath" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lützerath</span></a> noch nicht ein bisschen verarbeitet hatte. Freundlicherweise erlaubten mir Menschen meinen zerfledderten unbeheizten Studiowagen in ihren Garten in <a href="https://mastodon.social/tags/Keyenberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keyenberg</span></a> zu stellen.</p>
ExploreLive feeds
About