Tag: windows
-
Microsoft announces new and improved Windows 11 security features
in SecurityNews
Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/19/windows-11-security-features/
-
Microsoft plans to boot security vendors out of the Windows kernel
in SecurityNews
Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/19/windows-kernel-security-vendors/
-
Windows 365 Link Cloud PC: Connect securely to Windows 365
in SecurityNews
Microsoft unveiled Windows 365 Link, their first purpose-built Cloud PC device for instant, secure connection to Windows 365. Sign-in screen with USB security key option … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/19/windows-365-link/
-
Unraveling Raspberry Robin’s Layers: Analyzing Obfuscation Techniques and Core Mechanisms
in SecurityNews
Introduction: Discovered in 2021, Raspberry Robin (also known as Roshtyak) is a malicious downloader that has circulated in the wild for several years, primarily spreading through infected USB devices. Although USB devices are a common and unremarkable tactic for spreading malware, Raspberry Robin stands out due to its unique binary-obfuscation techniques, extensive use of anti-analysis methods,…
-
Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365
in SecurityNews
Microsoft announced today that hotpatching is now also available in preview on Windows 365 and Windows 11 Enterprise 24H2 client devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-now-testing-hotpatch-on-windows-11-24h2-and-windows-365/
-
AnyDesk for Windows: Vulnerability CVE-2024-52940 up to version 8.1.0
in SecurityNews
The remote-maintenance software AnyDesk for Windows has a vulnerability (CVE-2024-52940) up to version 8.1.0. If "Allow Direct Connections" is enabled in the affected Windows versions of AnyDesk, the software inadvertently exposes a public IP address in network traffic. The attacker must … the AnyDesk ID … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/19/anydesk-fuer-windows-schwachstelle-cve-2024-52940-bis-version-8-1-0/
-
China-linked actor’s malware DeepData exploits FortiClient VPN zero-day
in SecurityNews
Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY, DEEPDATA, and DEEPPOST. DEEPDATA is a…
-
New Windows 11 recovery tool to let admins remotely fix unbootable devices
in SecurityNews
Microsoft is working on a new Windows “Quick Machine Recovery” feature that will allow IT administrators to use Windows Update “targeted fixes” to remotely fix systems rendered unbootable. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-quick-machine-recovery-lets-admins-remotely-fix-unbootable-devices/
-
Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack
in SecurityNews
A critical vulnerability in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft… First seen on hackread.com Jump to article: hackread.com/windows-kerberos-flaw-millions-of-servers-attack/
-
Microsoft shares more details on Windows 11 admin protection
in SecurityNews
Microsoft has shared more details about the new Windows 11 administrator protection security feature, which is available in preview and uses Windows Hello authentication prompts to block access to critical system resources. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-shares-more-details-on-windows-11-admin-protection/
-
Windows 11: Security updates for the most secure operating system in the world
in SecurityNews
In the wake of the CrowdStrike debacle, Microsoft is significantly expanding the security features of Windows. Third-party developers are also being kept on a tight leash. First seen on heise.de Jump to article: www.heise.de/news/Windows-11-Security-Updates-fuer-das-sicherste-Betriebssystem-der-Welt-10057468.html
-
Microsoft beefs up Windows security with new recovery and patching features
in SecurityNews
In the aftermath of the devastating CrowdStrike outage this July, Microsoft vowed to do better even though it insisted that the event was an aberration. Evidently unwilling to take chances (or risk further hits to its credibility), the company on Tuesday, during Microsoft Ignite 2024, shared how it’s making changes to Windows to prevent similar…
-
New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems
in SecurityNews
Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. “Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given the recent development of ransomware targeting ESX, it…
-
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
in SecurityNews
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client to steal credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/
-
APT41 expands cyberespionage to target Windows
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/apt41-expands-cyberespionage-to-target-windows
-
Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report
The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched. The post Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fortinet-vpn-zero-day-exploited-in-malware-attacks-remains-unpatched-report/
-
Performing backup, system restore and updates securely – Complete backups for Windows PCs with Active Disk Image
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/komplette-sicherungen-fuer-windows-pcs-mit-active-disk-image-a-3649dfcbeaba345fe9eaebe7b7b1d674/
-
Lumma Stealer instead of an AI app: Malware infects Windows and macOS
Beware of fake AI tools such as EditProAI: Lumma Stealer threatens Windows and macOS. How to recognise and avoid the well-disguised malware. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/lumma-stealer-statt-ki-app-malware-befaellt-windows-und-macos-304346.html
-
Fake AI video generators infect Windows, macOS with infostealers
in SecurityNews
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-ai-video-generators-infect-windows-macos-with-infostealers/
-
DEF CON 32 Sudos And Sudon’ts: Peering Inside Sudo For Windows
in SecurityNews
Authors/Presenters: Michael Torres. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/def-con-32-sudos-and-sudonts-peering-inside-sudo-for-windows/
-
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
in SecurityNews
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,…
-
Zero-Day Vulnerability in FortiClient Exploited by BrazenBamboo APT
in SecurityNews
Cybersecurity firm Volexity has uncovered a zero-day vulnerability in Fortinet’s Windows VPN client, FortiClient, being exploited by the BrazenBamboo Advanced Persistent Threat (APT) group. This vulnerability, detailed in Volexity’s latest... First seen on securityonline.info Jump to article: securityonline.info/zero-day-vulnerability-in-forticlient-exploited-by-brazenbamboo-apt/
-
Daniel Stori’s Turnoff.US: ‘I Love Windows Powershell’
in SecurityNews
via the inimitable Daniel Stori at Turnoff.US! Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2024/11/daniel-storis-turnoff-us-i-love-windows-powershell/
-
Microsoft just killed the Windows 10 Beta Channel for good
in SecurityNews
Five months after reviving it in June, Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-just-killed-the-windows-10-beta-channel-for-good/
-
LightSpy Spyware Operation Expands to Windows
The Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework. The post LightSpy Spyware Operation Expands to Windows appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lightspy-ios-spyware-operation-expands-to-windows/
-
Microsoft just killed the Windows 10 Beta Channel again
in SecurityNews
Five months after reviving it in June, Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-just-killed-the-windows-10-beta-channel-again/
-
Newly patched Windows zero-day leveraged to attack Ukraine
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/newly-patched-windows-zero-day-leveraged-to-attack-ukraine
-
Blinded by Silence
in SecurityNews
Tags: access, antivirus, attack, backdoor, breach, control, credentials, crowdstrike, cybersecurity, data, defense, detection, edr, endpoint, exploit, extortion, firewall, github, malicious, malware, microsoft, mitre, monitoring, network, open-source, phone, ransomware, risk, service, siem, sophos, threat, tool, update, vulnerability, windows
Blinded by Silence: How Attackers Disable EDR
Overview: Endpoint Detection and Response systems (EDRs) are an essential part of modern cybersecurity strategies. EDR solutions gather and analyze data from endpoints to identify suspicious activities and provide real-time threat visibility. This allows security teams to respond quickly to incidents, investigate threats thoroughly, and mitigate the impact of…
-
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions
in SecurityNews
The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them. The post Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions/
-
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
in SecurityNews
CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/cve-2024-43451-exploited/