Tag: windows
-
WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401)
by
in SecurityNewsWhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/whatsapp-vulnerability-windows-cve-2025-30401/
-
Windows-Sicherheit: Patientenakte 2014
by
in SecurityNewsHeute veröffentlichen wir unser White Paper zum Thema Windows-Sicherheit im Jahr 2014. Der Bericht enthält unter anderem interessante Informationen über Schwachstellen in Microsoft Windows und Office, die innerhalb des letzten Jahres gepatcht wurden, Drive-By-Downloads und Techniken zur Schadensbegrenzung. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/01/08/windows-sicherheit-2014/
-
Windows 7: Ende des Mainstream Supports
by
in SecurityNewsWie Microsoft bereits im Juli 2014 angekündigt hatte, wurde der Mainstream Support für das beliebte Betriebssystem Windows 7 am vergangenen Dienstag eingestellt. Nutzer erhalten zwar nach wie vor Sicherheitsupdates, darüber hinaus allerdings keine Aktualisierungen. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/01/15/windows-7-ende-des-mainstream-supports/
-
Windows-Gefahren: Vergangenheit, Gegenwart und Zukunft
by
in SecurityNewsMobile Malware befindet sich auf dem Vormarsch, doch die fragmentierte Marktsituation erschwert den Cyberkriminellen ihre Arbeit ganz im Gegensatz zu der Welt der Desktops und Laptops: Laut Net Marketshare laufen seit letztem Monat 90 Prozent der Computer unter einer Windows-Version. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/05/19/windows-gefahren-vergangenheit-gegenwart-und-zukunft/
-
Sicherheitslücke bei WinRAR bedroht Windows-Rechner
by
in SecurityNewsEine Sicherheitslücke in der Archivierungssoftware WinRAR könnte von Kriminellen ausgenutzt werden, um Sicherheitswarnungen zu umgehen und beliebigen Code auf Windows-Rechnern auszuführen. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/sicherheitslucke-bei-winrar-bedroht-windows-rechner
-
Microsoft Security Update Summary (8. April 2025)
by
in SecurityNewsMicrosoft hat am 8. April 2025Sicherheitsupdates für Windows-Clients und -Server, für Office sowie für weitere Produkte veröffentlicht. Die Sicherheitsupdates beseitigen 121 Schwachstellen (CVEs), eine davon wurde als 0-day klassifiziert. Diese Schwachstelle wurde bereits angegriffen. Nachfolgend findet sich ein … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/microsoft-security-update-summary-8-april-2025/
-
April 2025 updates break Windows Hello on some PCs
by
in SecurityNewsMicrosoft says some Windows users might be unable to log into their accounts via Windows Hello after installing the April 2025 security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-2025-updates-break-windows-hello-on-some-pcs/
-
Whatsapp plugs bug allowing RCE with spoofed filenames
by
in SecurityNewsWhatsapp makes for a popular attack vector: Whatsapp has been frequently targeted in the past for its popularity as an encrypted chatting platform. With over 10 billion downloads on Google Play Store alone, the platform makes for a lucrative target for threat actors.A similar security oversight was reported in July 2024 to be affecting the…
-
Windows Kerberos Vulnerability Enables Security Feature Bypass
by
in SecurityNewsMicrosoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified withImportantseverity, impacts the Kerberos authentication protocol, potentially enabling attackers to bypass critical security features. The vulnerability stems from weaknesses described underCWE-922: Insecure Storage of Sensitive Information, making it a pressing concern for organizations relying on Kerberos for secure authentication.…
-
Microsoft Warns of Ransomware Attacks Exploiting CVE-2025-29824 Zero-Day
by
in SecurityNewsOn April 8, 2025, Microsoft released its monthly security updates, addressing a total of 121 vulnerabilities across various products. Among these, CVE-2025-29824, a zero-day vulnerability in the Windows Common Log File System (CLFS) Driver, has been actively exploited in ransomware… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-29824-zero-day-ransomware-attacks/
-
Lenovo und Superfish Lösungsfindung statt Panik
by
in SecurityNewsSeit ein paar Tagen sorgt Superfish für einigen Ärger im Netz. Denn diese schlecht durchdachte Software wurde auf einigen Lenovo-Rechnern vorinstalliert mitgeliefert und gefährdet auf Microsoft Windows Computern die Sicherheit. Doch die Aufregung ist in manchen Fällen unbegründet. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/02/23/lenovo-und-superfish/
-
Microsoft patches zero-day actively exploited in string of ransomware attacks
by
in SecurityNewsMicrosoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-patch-tuesday-april-2025/
-
Novel Neptune RAT variant sets sights on Windows
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/novel-neptune-rat-variant-sets-sights-on-windows
-
The SQL Server Crypto Detour
by
in SecurityNews
Tags: access, api, backup, credentials, crypto, cryptography, data, encryption, jobs, microsoft, password, service, sql, tool, update, vulnerability, windowsAs part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was approached with an interesting problem. A SQL Server database backup for a ManageEngine’s…
-
Microsoft fixes auth issues on Windows Server, Windows 11 24H2
by
in SecurityNewsMicrosoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-auth-issues-on-windows-server-windows-11-24h2/
-
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
by
in SecurityNewsPatch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-patches-125-windows-vulns-including-exploited-clfs-zero-day/
-
Spoofing vuln threatens security of WhatsApp Windows users
by
in SecurityNewsMeta has disclosed and patched a potentially dangerous spoofing flaw in WhatsApp for Windows that could have caused big problems for unwitting users First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622276/Spoofing-vuln-threatens-security-of-WhatsApp-Windows-users
-
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
by
in SecurityNewsApril 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/08/patch-tuesday-microsoft-zero-day-cve-2025-29824/
-
Windows CLFS zero-day exploited by ransomware gang
by
in SecurityNewsMicrosoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims’ systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-windows-clfs-zero-day-exploited-by-ransomware-gang/
-
WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files
If you use WhatsApp Desktop on Windows, listen up! A flaw in WhatsApp for Windows (CVE-2025-30401) let attackers disguise malicious files as safe ones. Update to version 2.2450.6 or later to stay secure. First seen on hackread.com Jump to article: hackread.com/whatsapp-windows-flaw-hackers-sneak-malicious-files/
-
Windows 10 KB5055518 update fixes random text when printing
by
in SecurityNewsMicrosoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5055518-update-fixes-random-text-when-printing/
-
Windows 11 KB5055523 & KB5055528 cumulative updates released
by
in SecurityNewsMicrosoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5055523-and-kb5055528-cumulative-updates-released/
-
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
by
in SecurityNewsThe malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and evasion capabilities says otherwise. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/windows-hijacking-neptune-rat-telegram-youtube
-
WhatsApp flaw can let attackers run malicious code on Windows PCs
by
in SecurityNewsMeta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-flaw-can-let-attackers-run-malicious-code-on-windows-pcs/
-
WhatsApp fixed a spoofing flaw that could enable Remote Code Execution
by
in SecurityNewsWhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution. WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote code execution. The spoofing flaw impacts WhatsApp for Windows before version 2.2450.6. An attacker could…
-
BlockyVeeam optimiert den BackupSchutz
by
in SecurityNewsGrau Data stellt seine neueste Version des Backup-Ransomware-Schutzes vor. Blocky-for-Veeam ist einfach zu installieren und intuitiv in der Bedienung. Er ist derzeit der einzige Ransomware-Schutz für Backups, der direkt auf dem Veeam-Windows-Server aufsetzt und mit der erprobten Grau-Data-WORM (Write Once, Read Many)-Technologie einen unveränderlichen Schutzschild für Veeam-Backups erzeugt. Blocky-for-Veeam 3.5 bietet […] First seen on…
-
WhatsApp Vulnerability Could Facilitate Remote Code Execution
by
in SecurityNewsAn update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/whatsapp-vulnerability-could-facilitate-remote-code-execution/
-
Chinese ToddyCat abuses ESET antivirus bug for malicious activities
by
in SecurityNewsA range of affected products: The flaw affects all of ESET offerings with the command line scanner which includes an array of products used by power users, IT admins, and enterprise environments.According to the advisory, the affected antivirus versions include ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, and ESET Security Ultimate 18.0.12.0…