Most Viewed Content:

Ford will launch a new electric truck under a new product line

REcent report prove that Ford is planning on launching a new electric vehicle that will come with a new nameplate.

Samsung ships first 3nm Gate-All-Around chips to cryptocurrency mining industry customers as promised

This Monday, July 25, Korean electronics giant Samsung began...

Xiaomi 12S and 12S Pro Revealed With A New Processor

Xiaomi is now on a device launching spree as it is set to launch the Xiaomi 12S and 12s Pro with a new Snapdragon processor.

Security Researchers Successfully Hijack Windows 11’s Power Automate Tool

Windows 11 includes Power Automate, a tool that automates repetitive tasks, saving users a lot of time. However, it can also save hackers a lot of time, says a security researcher who questions the vulnerability of its automated tools, but as is customary with regard to cybersecurity, human complacency may be the weakest link.

A research firm recently published methods for attackers to hijack the automated tools that come with Windows 11 in order to spread malware and steal data on the network. The process requires some permission-only conditions to be met, but it marks another area of concern for IT security.

The vulnerability focuses on Power Automate, a tool packaged by Microsoft in Windows 11 that allows users to automate tedious or repetitive actions in various programs. Users can automatically back up files, convert to batch files, move data between programs, and more, with the option to automate operations across groups via the cloud.

Power Automate comes with many pre-made functions, but users can create new ones by recording their actions, which the tool can later repeat. The program can be widely used because it requires almost no programming knowledge.

Michael Bargury, chief technology officer at security firm Zenity, believes attackers can use Power Automate to spread malware payloads more quickly, and he explained how in a Defcon presentation in June. He released the code for the attack, called Power Pwn, in August.

The biggest obstacle to hacking with Power Automate is that the attacker needs to have gotten a full line to the target computer or infiltrated the network through other methods. if the attacker then creates a Microsoft cloud account with administrative privileges, they can use the automated process to push ransomware or steal authentication tokens, Bargury told Wired. An attack using Power Automate may be harder to detect because it’s not technically malware and carries an official Microsoft signature.

An incident occurred in 2020 in which an attacker used a company’s automation tools against it. Windows 11 and Power Automate were not available at that time, but the case provides a real-world example of the same basic techniques.

Microsoft claims that any fully updated system can defend against such threats, for example by isolating the attacked system with registry entries. However, these safeguards, like all others, require some basic knowledge that users and companies do not always possess.

Latest

Apple Watch Pro body size comparison: 49mm body with more than 2-inch screen

Sources say the upcoming Apple Watch Pro will be...

Solar car maker Lightyear has raised $85 million and is ready for production

Lightyear, a solar car startup from the Netherlands developing...

Xbox Elite 2 Controller will support customization in the Xbox Design Lab

Microsoft will bring the Xbox Elite 2 grip to...

Samsung M8 smart monitor is now receiving a massive price discount

The Samsung M8 smart monitor is currently on sale at a massive discount currenlty ongoing at the company's JD online store.

Newsletter

spot_img

Don't miss

Apple Watch Pro body size comparison: 49mm body with more than 2-inch screen

Sources say the upcoming Apple Watch Pro will be...

Solar car maker Lightyear has raised $85 million and is ready for production

Lightyear, a solar car startup from the Netherlands developing...

Xbox Elite 2 Controller will support customization in the Xbox Design Lab

Microsoft will bring the Xbox Elite 2 grip to...

Samsung M8 smart monitor is now receiving a massive price discount

The Samsung M8 smart monitor is currently on sale at a massive discount currenlty ongoing at the company's JD online store.

Intel Raptor Lake iGPU run scores revealed: graphics performance is remarkable

Although Intel needs to wait until the 14th generation...
Threza Gabriel
Threza Gabrielhttps://www.techgoing.com
TechGoing is a global tech media to brings you the latest technology stories, including smartphones, electric vehicles, smart home devices, gaming, wearable gadgets, and all tech trending.
spot_imgspot_img

Honor X40 series nine-year milestone officially announced September 15 release

Honor announced that it will release the X40 series of Honor phones on September 15, with the slogan "A new leap to the benchmark". Ltd....

TSMC process: Snapdragon 8 Gen 2 chip is faster than Dimensity 9 series iteration

According to the Qualcomm Snapdragon Summit schedule, Snapdragon 8 Gen 2 chip is expected to be released in November this year and uses TSMC...

NIO Air AR Glasses Launched: 130-inch 3D Viewing Effect

The NIO Air AR Glasses, developed by Azure and AR startup Nreal, are now available in the Azure Car Store, providing a cinema-quality 3D...