Windows UAC is a protection mechanism introduced in Windows Vista and above, which asks the user to confirm if they wish to run a high-risk application before it is executed.

https://www.bleepingcomputer.com/news/security/bypassing-windows-10-uac-with-mock-folders-and-dll-hijacking/

The Department of Justice (DOJ) said Friday that the hackers behind the major SolarWinds attack compromised employee accounts in more than two dozen federal prosecutors’ offices.

The DOJ said in an update that the hackers are believed to have compromised the accounts from May 7 to Dec. 27, 2020. The data includes “all sent, received, and stored emails and attachments found within those accounts during that time.”

In total, hackers gained access to “one or more employees’ ” emails in 27 office across 15 states and the District of Columbia, the DOJ said Friday.

The hack, which was first discovered in December, involved Russian hackers exploiting software from IT group SolarWinds to gain access to about 18,000 customers, compromising nine federal agencies and 100 private-sector groups.

The incident is believed to be one of the largest cyber espionage attacks in U.S. history.

An infamous cross-platform crypto-mining malware has continued to refine and improve upon its techniques to strike both Windows and Linux operating systems by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns.

“LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, followed the same trajectory when it adopted more sophisticated behavior and escalated its operations,” Microsoft said in a technical write-up published last week. “Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.”