Tag: windows
-
Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP ports 8530 and 8531, which correspond to unencrypted and encrypted communication channels for WSUS servers vulnerable to the recently disclosed CVE-2025-59287. This coordinated…
-
Microsoft confirms: Task Manager bug clogs up memory on Windows 11
The latest Windows 11 update pushes users' systems to their limits, at least when Task Manager is used frequently. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-task-manager-bremst-nach-update-windows-11-aus-2511-201782.html
-
Microsoft confirms: Task Manager slows down Windows 11 after update
The latest Windows 11 update pushes users' systems to their limits, at least when Task Manager is used frequently. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-task-manager-bremst-nach-update-windows-11-aus-2511-201782.html
-
Windows Task Manager won’t quit after KB5067036 update
Microsoft has confirmed a known issue that is preventing users from quitting the Windows 11 Task Manager after installing the October 2025 optional update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-windows-task-manager-wont-quit-after-kb5067036-update/
-
Attacks on the EU: Unpatched Windows vulnerability has been exploited for years
Microsoft has known about the vulnerability for over a year. So far, however, the company has declined to provide a patch. First seen on golem.de Jump to article: www.golem.de/news/attacken-auf-eu-ungepatchte-windows-luecke-wird-seit-jahren-ausgenutzt-2511-201767.html
-
Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumulate in the background, potentially degrading device performance over time. Background Processes Pile Up Unnoticed: The problem occurs when…
-
EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to redirecting security software by manipulating parent directories rather than directly targeting protected EDR folders. Novel Attack Methodology Targets Parent Folders…
-
Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading
The post Chinese APT UNC6384 Pivots to Europe, Exploits Windows LNK Flaw to Deploy PlugX via Canon DLL Sideloading appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/chinese-apt-unc6384-pivots-to-europe-exploits-windows-lnk-flaw-to-deploy-plugx-via-canon-dll-sideloading/
-
Developer puts Windows 7 on a crash diet, drops it to down to 69 MB
Tags: windows
Trim down for obsolete operating system leaves it booting, but not much else First seen on theregister.com Jump to article: www.theregister.com/2025/10/31/windows_7_limbos_down_to/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69
Tags: attack, data-breach, hacking, international, linux, malware, ransomware, threat, tool, windows
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter Agenda: Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques; Uncovering Qilin attack methods exposed through multiple cases; Mem3nt0 mori The Hacking Team is back!; Insider Threats Loom […]…
-
Security Affairs newsletter Round 548 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government; China-linked UNC6384 exploits Windows zero-day…
-
YouTube’s AI moderator pulls Windows 11 workaround videos, calls them dangerous
Creators baffled as videos on local accounts, unsupported PCs vanish under ‘harmful acts’ rule First seen on theregister.com Jump to article: www.theregister.com/2025/10/31/ai_moderation_youtube_windows11_workaround/
-
Windows 11 Build 26220.7051 released with “Ask Copilot” feature
Tags: windows
Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program, and there are at least three new features, including Ask Copilot in the taskbar. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-build-262207051-released-with-ask-copilot-feature/
-
Windows 11 Build 26220.7051 released with three features for Insiders
Tags: windows
Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program, and there are at least three new features, including Ask Copilot in the taskbar. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-build-262207051-released-with-three-features-for-insiders/
-
China-linked UNC6384 exploits Windows zero-day to spy on European diplomats
The China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage campaign targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations. UNC6384, a China-nexus actor recently detailed by Google TAG, has expanded from targeting Southeast…
-
Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server
The guidance: The guidance states admins should treat on-prem Exchange servers as being “under imminent threat,” and itemizes key practices for admins: First, it notes, “the most effective defense against exploitation is ensuring all Exchange servers are running the latest version and Cumulative Update (CU)”; It points out that Microsoft Exchange Server Subscription Edition (SE) is the…
-
Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw
Tags: access, attack, china, control, cyber, endpoint, exploit, flaw, group, hacker, intelligence, mitigation, monitoring, rat, russia, threat, ukraine, update, vulnerability, windows
Mitigation: In the absence of a patch, organizations worried about .LNK attacks should consider blocking .LNK files or disabling their execution in Windows Explorer, Arctic Wolf advised. “This should be put in place across all Windows systems, prioritizing endpoints used by personnel with access to sensitive diplomatic or policy information. While this vulnerability was disclosed in…
-
UNC6384 Targets European Diplomatic Entities With Windows Exploit
The spear-phishing campaign uses fake European Commission and NATO-themed lures to trick diplomatic personnel into clicking malicious links. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/unc6384-european-diplomat-windows
-
Two Windows vulnerabilities, one a 0-day, are under active exploitation
Both vulnerabilities are being exploited in broad, wide-scale operations. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/two-windows-vulnerabilities-one-a-0-day-are-under-active-exploitation/
-
Windows 11 tests shared Bluetooth audio support, but only for AI PCs
If you have two headphones, speakers, earbuds, or any other Bluetooth hardware, you can now use both simultaneously on a Copilot+ PC. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-tests-shared-bluetooth-audio-support-but-only-for-ai-pcs/
-
UNC6384 Exploits Zero-Day to Target European Diplomats
Chinese-linked group UNC6384 targets European diplomats with a Windows shortcut exploit to deploy PlugX malware. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/news-unc6384-attack/
-
Microsoft gives Windows 11 a fresh Start: here’s how to get it
More convenient layout saves you a click First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/microsofts_new_windows_start_menu/
-
Windows Server Update Service exploitation ensnares at least 50 victims
Researchers warn hackers could be gathering intelligence for future attacks, and authorities warn users to apply patches and check for compromise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/windows-server-update-service-exploitation-50-victims/804362/
-
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/31/zdi-can-25373-cve-2025-9491-exploited-again/
-
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Tags: authentication, breach, cve, cyber, data, exploit, flaw, network, remote-code-execution, service, sophos, threat, update, vulnerability, windows
Sophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution flaw, tracked as CVE-2025-59287, has become a prime target for attackers seeking to breach enterprise networks and extract valuable information without authentication requirements.…

