Windows

BlackLock ransomware onslaught: What to expect and how to fight it

BlackLock ransomware onslaught: What to expect and how to fight it 2025-02-18 at 18:33 By Zeljka Zorz BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their […]

React to this headline:

Loading spinner

BlackLock ransomware onslaught: What to expect and how to fight it Read More »

New Windows Zero-Day Exploited by Chinese APT: Security Firm

New Windows Zero-Day Exploited by Chinese APT: Security Firm 2025-02-14 at 13:52 By Eduard Kovacs ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.  The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

New Windows Zero-Day Exploited by Chinese APT: Security Firm Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

React to this headline:

Loading spinner

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) 2025-02-11 at 22:21 By Zeljka Zorz February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces

React to this headline:

Loading spinner

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) Read More »

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) 2025-02-04 at 15:08 By Zeljka Zorz CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-Zip vulnerability (CVE-2025-0411) Mark-of-the-Web (MotW) is a

React to this headline:

Loading spinner

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) Read More »

Don’t let these open-source cybersecurity tools slip under your radar

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws 2025-01-14 at 23:03 By Zeljka Zorz Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The exploited zero-days are CVE-2025-21333

React to this headline:

Loading spinner

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Read More »

Chainsaw: Open-source tool for hunting through Windows forensic artefacts

Chainsaw: Open-source tool for hunting through Windows forensic artefacts 2025-01-13 at 06:34 By Help Net Security Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection

React to this headline:

Loading spinner

Chainsaw: Open-source tool for hunting through Windows forensic artefacts Read More »

Job-seeking devs targeted with fake CrowdStrike offer via email

Job-seeking devs targeted with fake CrowdStrike offer via email 2025-01-10 at 14:33 By Zeljka Zorz Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The email Crowdstrike has a web page where job hunters can see which positions are open

React to this headline:

Loading spinner

Job-seeking devs targeted with fake CrowdStrike offer via email Read More »

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance 2025-01-10 at 09:45 By Help Net Security Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security

React to this headline:

Loading spinner

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Read More »

IT Vulnerability Report: Cleo, Windows Flaws Under Attack

IT Vulnerability Report: Cleo, Windows Flaws Under Attack 2024-12-16 at 12:18 By daksh sharma Cyble Research and Intelligence Labs (CRIL) researchers investigated 16 IT vulnerabilities and 11 dark web exploits in the week ended Dec. 10, including actively exploited vulnerabilities in Cleo managed file transfer (MFT) software and Microsoft Windows. Other vulnerabilities analyzed by Cyble

React to this headline:

Loading spinner

IT Vulnerability Report: Cleo, Windows Flaws Under Attack Read More »

Microsoft fixes exploited zero-day (CVE-2024-49138)

Microsoft fixes exploited zero-day (CVE-2024-49138) 2024-12-10 at 23:04 By Zeljka Zorz On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from a heap-based buffer overflow

React to this headline:

Loading spinner

Microsoft fixes exploited zero-day (CVE-2024-49138) Read More »

Windows, macOS users targeted with crypto-and-info-stealing malware

Windows, macOS users targeted with crypto-and-info-stealing malware 2024-12-06 at 14:05 By Zeljka Zorz Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and

React to this headline:

Loading spinner

Windows, macOS users targeted with crypto-and-info-stealing malware Read More »

December 2024 Patch Tuesday forecast: The secure future initiative impact

December 2024 Patch Tuesday forecast: The secure future initiative impact 2024-12-06 at 08:04 By Help Net Security It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the

React to this headline:

Loading spinner

December 2024 Patch Tuesday forecast: The secure future initiative impact Read More »

Cybercriminals used a gaming engine to create undetectable malware loader

Cybercriminals used a gaming engine to create undetectable malware loader 2024-11-27 at 20:33 By Zeljka Zorz Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed

React to this headline:

Loading spinner

Cybercriminals used a gaming engine to create undetectable malware loader Read More »

Researchers reveal exploitable flaws in corporate VPN clients

Researchers reveal exploitable flaws in corporate VPN clients 2024-11-26 at 17:33 By Zeljka Zorz Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-2024-5921 affects various versions of Palo Alto’s GlobalProtect App on

React to this headline:

Loading spinner

Researchers reveal exploitable flaws in corporate VPN clients Read More »

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor 2024-11-26 at 12:18 By Zeljka Zorz Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed

React to this headline:

Loading spinner

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor Read More »

Microsoft asks Windows Insiders to try out the controversial Recall feature

Microsoft asks Windows Insiders to try out the controversial Recall feature 2024-11-25 at 16:33 By Zeljka Zorz Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that was met with much criticism when it was unveiled earlier this year. “We heard

React to this headline:

Loading spinner

Microsoft asks Windows Insiders to try out the controversial Recall feature Read More »

Microsoft announces new and improved Windows 11 security features

Microsoft announces new and improved Windows 11 security features 2024-11-19 at 21:04 By Zeljka Zorz Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers

React to this headline:

Loading spinner

Microsoft announces new and improved Windows 11 security features Read More »

Microsoft plans to boot security vendors out of the Windows kernel

Microsoft plans to boot security vendors out of the Windows kernel 2024-11-19 at 20:48 By Zeljka Zorz Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down millions of Windows machines and rendered them remotely unfixable. As part

React to this headline:

Loading spinner

Microsoft plans to boot security vendors out of the Windows kernel Read More »

Scroll to Top