Windows

Microsoft will offer extended security updates for Windows 10

Microsoft will offer extended security updates for Windows 10 06/12/2023 at 16:16 By Zeljka Zorz Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates (ESU), but will have to pay […]

React to this headline:

Loading spinner

Microsoft will offer extended security updates for Windows 10 Read More »

Online stores may not be as secure as you think

Online stores may not be as secure as you think 23/11/2023 at 07:01 By Help Net Security Credit card skimming is on the rise for the holiday shopping season, according to Malwarebytes. Online stores are not always as secure as you might think they are, and yet you need to hand over your valuable credit

React to this headline:

Loading spinner

Online stores may not be as secure as you think Read More »

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool 20/11/2023 at 14:31 By cybleinc CRIL analyzes Rude Stealer – a Java-based stealer capable of exfiltrating a wide range of information from infected systems. The post New Java-Based Rude Stealer abuses DirectX Diagnostic Tool appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool Read More »

November 2023 Patch Tuesday forecast: Year 21 begins

November 2023 Patch Tuesday forecast: Year 21 begins 10/11/2023 at 09:03 By Help Net Security The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10,

React to this headline:

Loading spinner

November 2023 Patch Tuesday forecast: Year 21 begins Read More »

From Windows 9x to 11: Tracing Microsoft’s security evolution

From Windows 9x to 11: Tracing Microsoft’s security evolution 31/10/2023 at 09:01 By Mirko Zorz Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security researcher Alex

React to this headline:

Loading spinner

From Windows 9x to 11: Tracing Microsoft’s security evolution Read More »

Logging Made Easy: Free log management solution from CISA

Logging Made Easy: Free log management solution from CISA 30/10/2023 at 13:17 By Help Net Security CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s National Cyber Security Centre

React to this headline:

Loading spinner

Logging Made Easy: Free log management solution from CISA Read More »

10 essential cybersecurity cheat sheets available for free

10 essential cybersecurity cheat sheets available for free 18/10/2023 at 07:02 By Help Net Security Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to download. Whether you’re seeking a quick refresher or a beginner trying to make sense of

React to this headline:

Loading spinner

10 essential cybersecurity cheat sheets available for free Read More »

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763) 10/10/2023 at 22:01 By Zeljka Zorz On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). The exploited zero-days (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487) CVE-2023-36563, discovered by Microsoft Threat Intelligence, is a WordPad vulnerability that could

React to this headline:

Loading spinner

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763) Read More »

Fake Bitwarden installation packages delivered RAT to Windows users

Fake Bitwarden installation packages delivered RAT to Windows users 27/09/2023 at 11:47 By Helga Labus Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website spoofing Bitwarden’s legitimate one (located at bitwariden[.]com) has been offering fake installation packages containing the ZenRAT

React to this headline:

Loading spinner

Fake Bitwarden installation packages delivered RAT to Windows users Read More »

Microsoft Adding New Security Features to Windows 11

Microsoft Adding New Security Features to Windows 11 26/09/2023 at 20:46 By Eduard Kovacs Microsoft announced that the latest Windows 11 update (23H2) will bring more support for passkeys and several new security features.   The post Microsoft Adding New Security Features to Windows 11 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Adding New Security Features to Windows 11 Read More »

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676)

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) 18/09/2023 at 14:32 By Helga Labus Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, discovered by Akamai researcher Tomer Peled, is a command injection vulnerability that

React to this headline:

Loading spinner

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) Read More »

LockBit leaks sensitive data from maximum security fence manufacturer

LockBit leaks sensitive data from maximum security fence manufacturer 05/09/2023 at 17:32 By Helga Labus The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company

React to this headline:

Loading spinner

LockBit leaks sensitive data from maximum security fence manufacturer Read More »

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) 23/08/2023 at 18:46 By Zeljka Zorz Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware

React to this headline:

Loading spinner

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) Read More »

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) 21/08/2023 at 14:47 By Helga Labus RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP, CAB, ARJ, LZH, TAR, GZip,

React to this headline:

Loading spinner

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) Read More »

Stremio vulnerability exposes millions to RCE and data theft

Stremio vulnerability exposes millions to RCE and data theft 31/07/2023 at 11:02 By Help Net Security CyFox has recently identified a critical hijacking vulnerability in Stremio 4.4, a popular software platform for streaming movies and TV shows. With over 5 million users relying on Stremio for their entertainment needs, this vulnerability poses a significant risk

React to this headline:

Loading spinner

Stremio vulnerability exposes millions to RCE and data theft Read More »

Trojanized Application Preying on TeamViewer Users

Trojanized Application Preying on TeamViewer Users 13/07/2023 at 14:32 By cybleinc Cyble Research & Intelligence Labs analyzes a trojanized version of the TeamViewer application and how it distributes njRAT. The post Trojanized Application Preying on TeamViewer Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Trojanized Application Preying on TeamViewer Users Read More »

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) 11/07/2023 at 22:31 By Zeljka Zorz For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks

React to this headline:

Loading spinner

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) Read More »

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels 06/07/2023 at 19:01 By cybleinc CRIL analyses an updated version of ARCrypt ransomware and an unconventional communication method attackers use. The post ARCrypt Ransomware Evolves with Multiple TOR Communication Channels appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels Read More »

Unveiling Wagner Group’s Cyber-Recruitment

Unveiling Wagner Group’s Cyber-Recruitment 27/06/2023 at 15:18 By cybleinc Cyble analyzes Wagner Ransomware, a ransomware variant promoting recruitment into PMC Wagner amidst ongoing Russian internal conflict. The post Unveiling Wagner Group’s Cyber-Recruitment appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Unveiling Wagner Group’s Cyber-Recruitment Read More »

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) 23/06/2023 at 17:19 By Helga Labus Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. About the vulnerability Cisco Secure Client Software – previously known as

React to this headline:

Loading spinner

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) Read More »

Scroll to Top