Tag: windows
-
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
by
in SecurityNewsCVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/cve-2024-43451-exploited/
-
Dringend patchen: Kritische Kerberos-Lücke gefährdet Windows-Server-Systeme
by
in SecurityNewsDie Lücke betrifft alle Windows-Server-Versionen ab 2012 aufwärts und erlaubt es Angreifern, aus der Ferne Schadcode einzuschleusen und auszuführen. First seen on golem.de Jump to article: www.golem.de/news/dringend-patchen-kritische-kerberos-luecke-gefaehrdet-windows-server-systeme-2411-190766.html
-
Gratis-Tool: Sicherheitsforscher knacken ShrinkLocker-Verschlüsselung
by
in SecurityNewsDer Erpressungstrojaner ShrinkLocker nutzt Microsofts Bitlocker, um Windows-Systeme zu verschlüsseln. Ein Entschlüsselungstool hilft. First seen on heise.de Jump to article: www.heise.de/news/Gratis-Tool-Sicherheitsforscher-knacken-ShrinkLocker-Verschluesselung-10034933.html
-
Windows 10 ESU: Microsoft will 30 USD für ein Jahr Sicherheitsupdates
by
in SecurityNewsFirst seen on golem.de Jump to article: www.golem.de/news/windows-10-esu-microsoft-will-30-usd-fuer-ein-jahr-sicherheitsupdates-2411-190379.html
-
Windows 0-Day Exploited in Wild with Single Right Click
by
in SecurityNewsA newly discovered zero-day vulnerability, CVE-2024-43451, has been actively exploited in the wild, targeting Windows systems across various versions. This critical vulnerability, uncovered by the ClearSky Cyber Security team in June 2024, has been linked to attacks aimed specifically at Ukrainian organizations. The exploit allows malicious actors to gain control of a system through seemingly innocuous…
-
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
by
in SecurityNewsA newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was…
-
Right-Click to Hack: Zero-Day CVE-2024-43451 Vulnerability Targets Windows Users
by
in SecurityNewsClearSky Cyber Security has uncovered a new zero-day vulnerability, CVE-2024-43451, actively exploited in the wild, targeting Windows systems primarily in Ukraine. This flaw enables attackers to exploit URL files for... First seen on securityonline.info Jump to article: securityonline.info/right-click-to-hack-zero-day-cve-2024-43451-vulnerability-targets-windows-users/
-
Patch Tuesday: Four Critical Vulnerabilities Paved Over
by
in SecurityNewsThe November 2024 Microsoft updates let Windows 11 users remap the Copilot button. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/patch-tuesday-nov-24/
-
Microsoft patches Windows zero-day exploited in attacks on Ukraine
by
in SecurityNewsSuspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-attacks-on-ukraine/
-
November Patch Tuesday Brings Cornucopia Of 89 Fixes To Windows
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36589/November-Patch-Tuesday-Brings-Cornucopia-Of-89-Fixes-To-Windows.html
-
Patchday: Windows Server 2012 / R2 und Windows 7 (12. November 2024)
by
in SecurityNewsZum 12. November wurden diverse Sicherheitsupdates für Windows Server 2012/R2 (1. ESU Jahr) veröffentlicht. Für Windows Server 2008 R2 ist der Support im Januar 2024 ausgelaufen. Hier ein Überblick über diese Updates für Windows Server 2012 sowie Windows Server 2012 … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/13/patchday-windows-server-2012-r2-und-windows-7-12-november-2024/
-
Dieser Hacker-Trick umgeht sogar Antivirenprogramme: Wie Windows-Malware in Zip-Dateien versteckt wird
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/hacker-trick-umgeht-antivirenprogramme-windows-malware-in-zip-dateien-1657123/
-
Sicherheitsupdates: Zoom Room Client & Co. angreifbar
by
in SecurityNewsDie Entwickler rüsten verschiedene Zoom-Apps gegen mögliche Angriffe. Davon sind unter anderem macOS und Windows betroffen. First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdates-Zoom-Room-Client-Co-angreifbar-10031648.html
-
Kostenloser neuer Bitdefender-Dekryptor für <>
by
in SecurityNewsBitdefender hat einen Dekryptor vorgestellt, mit dem die Opfer von Attacken mit der Shrinklocker-Ransomware Dateien wiederherstellen können. Das ursprünglich möglicherweise für nützliche Zwecke programmierte und nun modifizierte Shrinklocker-Tool verändert die Konfigurationen des Windows-Verschlüsselungstools Bitlocker, so dass Opfer nicht mehr auf die Laufwerke eines Systems zugreifen können. Das Entschlüsselungsprogramm der Bitdefender Labs ist ab sofort kostenlos…
-
Bitdefender Finds New ShrinkLocker Ransomware, Releases Its Decryptor Tool
by
in SecurityNewsBitdefender has released a free decryptor for ShrinkLocker ransomware, which exploits Windows BitLocker to encrypt systems. Discover all… First seen on hackread.com Jump to article: hackread.com/bitdefender-shrinklocker-ransomware-decryptor-tool/
-
New ShrinkLocker ransomware decryptor recovers BitLocker password
by
in SecurityNewsBitdefender has released a decryptor for the ‘ShrinkLocker’ ransomware strain, which uses Windows’ built-in BitLocker drive encryption tool to lock victim’s files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shrinklocker-ransomware-decryptor-recovers-bitlocker-password/
-
Fortinet stopft Sicherheitslecks in FortiOS, FortiAnalyzer und FortiClient
by
in SecurityNewsSicherheitslücken in FortiClient für Windows, FortiAnalyzer und FortiOS machen die Systeme anfällig für Angriffe. Updates stehen bereit. First seen on heise.de Jump to article: www.heise.de/news/Fortinet-sichert-FortiOS-FortiAnalyzer-und-FortiClient-ab-10031976.html
-
Chrome 131 Released with the Fix for Multiple Vulnerabilities
by
in SecurityNewsThe Chrome team has officially announced the release of Chrome 131 for Windows, Mac, and Linux. The new version, Chrome 131.0.6778.69 for Linux and 131.0.6778.69/.70 for Windows and Mac is set to roll out to users over the coming days and weeks. This update includes several security fixes, performance improvements, and other enhancements, making Chrome…
-
Windows Server 2025: Microsoft weist Schuld für Auto-Upgrades von sich
by
in SecurityNewsEinige Patchmanagement-Lösungen haben ungefragt Serversysteme auf Windows Server 2025 aktualisiert. Microsoft zeigt auf Drittanbieter. First seen on golem.de Jump to article: www.golem.de/news/windows-server-2025-microsoft-weist-schuld-fuer-auto-upgrades-von-sich-2411-190743.html
-
Emmenhtal Loader Uses Scripts to Deliver Lumma and Other Malware
by
in SecurityNewsEmmenhtal Loader uses LOLBAS techniques, deploying malware like Lumma and Amadey through legitimate Windows tools. Its infection chain… First seen on hackread.com Jump to article: hackread.com/emmenhtal-loader-uses-scripts-deliver-lumma-malware/
-
Vorsicht vor ZIP-Dateien: Hacker verstecken Malware in komprimierten Ordnern
by
in SecurityNewsHacker haben es auf Windows-Rechner abgesehen und nutzen die ZIP-Dateiverkettung aus, um Malware in komprimierten Archiven zu übermitteln, ohne dass Sicherheitssoftware sie erkennt. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/vorsicht-vor-zip-dateien-hacker-verstecken-malware-in-komprimierten-ordnern
-
Microsoft ‘resolves’ and ‘mitigates’ Windows Server 2025 update whoopsie
by
in SecurityNewsNo sign of ‘rollback’ yet First seen on theregister.com Jump to article: www.theregister.com/2024/11/11/microsoft_windows_2025_mitigated/
-
Patchday Microsoft: Internet-Explorer-Komponente ermöglicht Attacken
by
in SecurityNewsMicrosoft hat wichtige Sicherheitspatches für unter anderem Azure, Exchange Server und Windows veröffentlicht. Es gibt bereits Angriffe. First seen on heise.de Jump to article: www.heise.de/news/Patchday-Microsoft-Internet-Explorer-Komponente-ermoeglicht-Attacken-10029614.html
-
Veritas Netbackup: Rechteausweitung in Windows möglich
by
in SecurityNews
Tags: windowsFirst seen on heise.de Jump to article: www.heise.de/news/Veritas-Netbackup-Rechteausweitung-in-Windows-moeglich-10004814.html
-
2 Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit
by
in SecurityNewsThe November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/2-zero-day-bugs-microsoft-nov-update-active-exploit
-
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
by
in SecurityNewsMicrosoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild.The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical,…
-
Cylance Ransomware greift Windows- und Linux-Systeme an
by
in SecurityNewsEine neue Version der Cylance Ransomware attackiert derzeit Windows- und Linux-Systeme. Noch befindet sie sich scheinbar in einem frühen Stadium, hat … First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/cylance-ransomware-greift-windows-und-linux-systeme-an
-
Patchday: Windows 11/Server 2022-Updates (12. November 2024)
by
in SecurityNewsAm 12. November 2024 (zweiter Dienstag im Monat, Patchday bei Microsoft) hat Microsoft auch kumulative Updates für Windows 11 22H2 bis 24H2 veröffentlicht. Zudem erhielten Windows Server 2022 Windows Server 2025 Updates. Hier einige Details zu diesen Updates, die … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/13/patchday-windows-11-server-2022-updates-12-november-2024/
-
Patchday: Windows 10/Server-Updates (12. November 2024)
by
in SecurityNewsAm 12. November 2024 (zweiter Dienstag im Monat, Patchday bei Microsoft) wurden verschiedene kumulative Updates für die unterstützten Windows 10 Builds (von der RTM-Version bis zur aktuellen Version) sowie für die Windows Server-Pendants freigegeben. Hier einige Details zu den jeweiligen … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/13/patchday-windows-10-server-updates-12-november-2024/
-
Microsoft Security Update Summary (12. November 2024)
by
in SecurityNewsAm 12. November 2024 hat Microsoft Sicherheitsupdates für Windows-Clients und -Server, für Office sowie für weitere Produkte veröffentlicht. Die Sicherheitsupdates beseitigen 87 Schwachstellen (CVEs), davon vier kritische Sicherheitslücken, davon 4 als 0-day klassifiziert (zwei werden bereits ausgenutzt). Nachfolgend … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/13/microsoft-security-update-summary-12-november-2024/