New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
XDA Developers on MSN

Windows Sandbox is the best feature you're not using

Enable Windows Sandbox and test questionable software risk-free in a disposable virtual machine.
Make Tech Easier

Why Did Your Windows Password Box Disappear? (And How to Force it Back)

Can't sign in because your Windows password box is missing? Here's how you can easily fix this Windows glitch.

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Microsoft actually does something useful, adds Sysmon to Windows

Sysmon, part of the Sysinternals toolset, has long been useful for monitoring Windows' internals. Mark Russinovich, Microsoft technical fellow and co-founder of Winternals, from whence Sysinternals ...

Native Sysmon integration in Windows is getting closer

Microsoft has released Windows Insider previews that include the powerful Sysmon logging tool as a Windows feature.
XDA Developers on MSN

4 PowerShell scripts I run on every Windows install

Get your fresh install settled quickly with these 4 PowerShell scripts ...