Tag: windows

NoID Privacy-Tool zur Härtung von Windows 11 25H2

Dec 2, 2025 9:49 AM

Tags: microsoft, privacy, tool, windows

Wie lässt sich Windows 11 sicherheitstechnisch härten und in der Telemetrie begrenzen? Für Administratoren in Firmen gibt es Security-Empfehlungen von Microsoft samt Gruppenrichtlinien zum Umsetzen. Für Windows 11 in nicht verwalteten Umgebungen (Home, Pro) lässt sich das Tool NoID Privacy … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/02/noid-privacy-tool-zur-haertung-von-windows-11-25h2/
Windows 11 needs an XP SP2 moment, says ex-Microsoft engineer

Dec 1, 2025 7:49 PM

Tags: ai, microsoft, software, windows

Stop AI bloat, fix the operating system, implores veteran software developer Dave Plummer First seen on theregister.com Jump to article: www.theregister.com/2025/12/01/windows_needs_another_xp_sp2/
Windows 11 needs an XP SP2 moment, says ex-Microsoft engineer

Dec 1, 2025 7:49 PM

Tags: ai, microsoft, software, windows

Stop AI bloat, fix the operating system, implores veteran software developer Dave Plummer First seen on theregister.com Jump to article: www.theregister.com/2025/12/01/windows_needs_another_xp_sp2/
Microsoft gives Windows admins a legacy migration headache with WINS sunset

Dec 1, 2025 6:49 PM

Tags: attack, control, cyber, dns, exploit, hacker, infrastructure, malicious, microsoft, network, open-source, penetration-testing, risk, service, technology, tool, vulnerability, windows

Why WINS is still in use: Organizations still using WINS are likely to fall into one of two categories: those using it to support old technologies with long lifecycles such as operational technology (OT) systems, and those that have simply half-forgotten that they are still using it.”For OT stacks built around WINS/NetBIOS, replacing them isn’t…
Contagious Interview attackers go ‘full stack’ to fool developers

Dec 1, 2025 5:49 PM

Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm

Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies.The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
KimJongRAT Strikes Windows Users via Malicious HTA Files

Dec 1, 2025 3:49 PM

Tags: access, attack, credentials, cyber, group, korea, malicious, north-korea, windows

Security researchers have confirmed that KimJongRAT, a sophisticated remote access Trojan attributed to the Kimsuky group and believed to be backed by North Korea, is being actively distributed via weaponized .hta files targeting Windows users. The discovery reveals a carefully orchestrated attack chain designed to harvest sensitive credentials and system information from compromised machines. The…
Hackers Shift to ‘Living Off the Land’ Tactics to Evade EDR on Windows Systems

Dec 1, 2025 3:49 PM

Tags: cyber, cyberattack, edr, hacker, tactics, tool, windows

Security researchers have discovered that modern attackers are abandoning traditional offensive tools and instead weaponizing legitimate Windows utilities to conduct cyberattacks without triggering security alarms. This shift in tactics, known as >>Living Off the Land,
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Dec 1, 2025 10:49 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, linux, vulnerability, windows

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that impacts Windows and Linux versions via system_settings.shtm.…
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Dec 1, 2025 10:49 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, linux, vulnerability, windows

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OpenPLC ScadaBR flaw, tracked as CVE-2021-26829 (CVSS score of 5.4), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a cross-site scripting (XSS) flaw that impacts Windows and Linux versions via system_settings.shtm.…
Microsoft bestätigt Bug: Windows-11-Update lässt Passwortin verschwinden

Dec 1, 2025 9:49 AM

Tags: microsoft, password, update, windows

Windows 11 bereitet Anwendern schon seit Monaten Probleme bei der Anmeldung mittels Passwort. Microsoft liefert bisher nur einen Workaround. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-bug-windows-11-update-laesst-passwort-log-in-verschwinden-2512-202758.html
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies

Dec 1, 2025 7:49 AM

Tags: attack, cyber, cyberespionage, government, group, india, linux, malware, threat, windows

Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically focused on Windows systems, has demonstrated expanded technical maturity through multi-platform tooling that bypasses conventional…
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies

Dec 1, 2025 7:49 AM

Tags: attack, cyber, cyberespionage, government, group, india, linux, malware, threat, windows

Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically focused on Windows systems, has demonstrated expanded technical maturity through multi-platform tooling that bypasses conventional…
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

Nov 30, 2025 11:49 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, linux, software, vulnerability, windows, xss

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation.The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw that affects Windows and Linux versions of the software via First seen on…
Microsofts Update Health Tools (KB4023057) war per RCE angreifbar

Nov 30, 2025 12:49 AM

Tags: microsoft, rce, remote-code-execution, service, tool, update, windows

Die Microsofts Update Health Tools (KB4023057) Deutsch “Integritätstools Windows Update Service-Komponenten” war in der Version 1.0 angreifbar und ermöglichte Remote Code Execution-Angriffe. In der Version 1.1 sind zumindest Systeme für den EU-Bereich geschützt, wenn ich es richtig interpretiere. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/30/microsofts-update-health-tools-kb4023057-war-per-rce-angreifbar/
Windows updates make password login option invisible

Nov 28, 2025 7:49 PM

Tags: login, microsoft, password, update, windows

Microsoft warned users that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen options, even though the button remains functional. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-windows-updates-hide-password-icon-on-lock-screen/
Windows-Schwachstelle CVE-2025-59287 wird für ShadowPad-Malware-Verteilung per WSUS genutzt

Nov 28, 2025 12:49 AM

Tags: cve, cvss, malware, rce, remote-code-execution, vulnerability, windows

In Windows Server gab es eine mit einem CVSS Score von 9.8 bewertete kritische RCE-Schwachstelle CVE-2025-59287 im WSUS-Teil, mit dem sich die Systeme übernehmen lassen. Die Schwachstelle wurde im Oktober 2025 mit Sicherheitsupdates geschlossen. Nun gibt es Berichte, dass Angreifer … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/28/windows-schwachstelle-cve-2025-59287-wird-fuer-shadowpad-malware-verteilung-per-wsus-genutzt/
Neues ToddyCat-Toolkit greift Outlook und Microsoft-Token an

Nov 27, 2025 2:49 PM

Tags: access, apt, backdoor, browser, chrome, cloud, cyberattack, exploit, governance, government, Internet, kaspersky, mail, microsoft, open-source, powershell, tool, update, vulnerability, windows

Die APT-Gruppe ToddyCat hat ihren Fokus auf den Diebstahl von Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken verlagert.Forscher von Kaspersky Labs haben festgestellt, dass sich die APT-Gruppe (Advanced Persistent Threat) ToddyCat jetzt darauf spezialisiert hat, Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken zu stehlen.Demnachhat die Hackerbande ihr Toolkit Ende 2024 und Anfang 2025 weiterentwickelt, um nicht nur wie bisher Browser-Anmeldedaten zu…
Dell says Windows 11 transition is far slower than Win 10 shift as PC sales stall

Nov 27, 2025 1:49 AM

Tags: ai, windows

Lessons from COVID and tariff shocks getting Mike D’s tech shop through AI-induced memory maze First seen on theregister.com Jump to article: www.theregister.com/2025/11/26/dell_q3_2026/
Dell ControlVault, Lasso, GL.iNet vulnerabilities

Nov 26, 2025 7:50 PM

Tags: cisco, firmware, software, vulnerability, windows

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX.The vulnerabilities mentioned in this blog post have been patched by their respective First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/dell-controlvault-lasso-gl-inet-vulnerabilities/
Security keys may prompt for PIN after recent updates

Nov 26, 2025 4:49 PM

Tags: microsoft, update, windows

Microsoft warned users on Tuesday that FIDO2 security keys may prompt them to enter a PIN when signing in after installing Windows updates released since the September 2025 preview update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fido2-security-keys-may-prompt-for-pin-after-recent-windows-updates/
Neue ClickFix-Kampagne nutzt Fake-Windows-Updates

Nov 26, 2025 3:50 PM

Tags: captcha, cyberattack, endpoint, group, malware, monitoring, phishing, powershell, social-engineering, update, windows

Cyberkriminelle nutzen eine gefälschte Windows-Update-Seite, um Mitarbeiter anzugreifen.Forscher des Security-Anbieters Huntress sind kürzlich auf eine neue ClickFix-Kampagne gestoßen, die auf Mitarbeiter in Unternehmen zielt. Laut Forschungsbericht haben die Angreifer ihre Malware dabei in den Pixeln eines Bildes versteckt, das eine Windows-Update-Seite vortäuscht. Dort werden die Benutzer aufgefordert, auf Ausführen zu klicken, um einen bösartigen Befehl…
Microsoft Teams Rolls Out New Feature For Faster Startup and Better Performance

Nov 26, 2025 12:49 PM

Tags: cyber, microsoft, startup, update, windows

Microsoft Teams is set to launch a key update for its Windows desktop client, introducing a new child process, ms-teams_modulehost.exe, to boost the performance of calling features and reduce startup times. This change separates the calling stack from the primary ms-teams.exe process, allowing better resource management and smoother meetings without altering user interfaces or workflows.…
Microsoft Teams Rolls Out New Feature For Faster Startup and Better Performance

Nov 26, 2025 12:49 PM

Tags: cyber, microsoft, startup, update, windows

Microsoft Teams is set to launch a key update for its Windows desktop client, introducing a new child process, ms-teams_modulehost.exe, to boost the performance of calling features and reduce startup times. This change separates the calling stack from the primary ms-teams.exe process, allowing better resource management and smoother meetings without altering user interfaces or workflows.…
Gamayun APT Exploits New MSC EvilTwin Vulnerability to Deliver Malicious Payloads

Nov 26, 2025 7:49 AM

Tags: apt, cyber, exploit, group, infrastructure, malicious, microsoft, powershell, social-engineering, threat, vulnerability, windows

Water Gamayun, a Russia”‘aligned advanced persistent threat (APT) group, has launched a new multi”‘stage intrusion campaign that weaponizes the recently disclosed MSC EvilTwin vulnerability in Windows Microsoft Management Console (MMC). Leveraging a blend of compromised infrastructure, social engineering, and heavily obfuscated PowerShell, the attackers exploited CVE”‘2025″‘26633 to inject malicious code into mmc.exe, ultimately delivering hidden…
New ClickFix attacks use fake Windows Update screens to fool employees

Nov 26, 2025 5:49 AM

Tags: access, attack, awareness, captcha, computer, control, data, defense, detection, edr, email, endpoint, exploit, group, infection, intelligence, malicious, malware, monitoring, network, okta, phishing, powershell, russia, tactics, threat, tool, training, update, windows

Run dialog box, Windows Terminal, or Windows PowerShell. This leads to the downloading of scripts that launch malware.Two new tactics are used in the latest ClickFix campaign, says Huntress:the use since early October of a fake blue Windows Update splash page in full-screen, displaying realistic “Working on updates” animations that eventually conclude by prompting the user to…
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack

Nov 26, 2025 12:49 AM

Tags: access, apt, attack, backdoor, cloud, control, credentials, cve, data, detection, exploit, government, group, infrastructure, intelligence, malicious, malware, network, open-source, password, powershell, risk, russia, social-engineering, supply-chain, tactics, theft, threat, tool, vulnerability, windows, zero-day, zero-trust

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction, and known threat intelligence, the Zscaler Threat Hunting team reconstructed how a seemingly innocuous web search led to a sophisticated exploitation of a Windows MMC vulnerability,…
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack

Nov 26, 2025 12:49 AM

Tags: access, apt, attack, backdoor, cloud, control, credentials, cve, data, detection, exploit, government, group, infrastructure, intelligence, malicious, malware, network, open-source, password, powershell, risk, russia, social-engineering, supply-chain, tactics, theft, threat, tool, vulnerability, windows, zero-day, zero-trust

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction, and known threat intelligence, the Zscaler Threat Hunting team reconstructed how a seemingly innocuous web search led to a sophisticated exploitation of a Windows MMC vulnerability,…
How to Sign Windows Binaries using AWS KMS?

Nov 25, 2025 3:49 PM

Tags: cloud, control, encryption, service, windows

What is AWS KMS? AWS Key Management Service (KMS) is a cloud service that allows organizations to generate, control, and maintain keys that secure their data. AWS KMS allows organizations to have a common way of dealing with keys by making encryption easier for many AWS services, programs, and operations. AWS KMS allows users to”¦…
Microsoft is speeding up the Teams desktop client for Windows

Nov 25, 2025 3:49 PM

Tags: microsoft, windows

Microsoft says it will add a new Teams call handler beginning in January 2026 to reduce launch times and boost call performance for the Windows desktop client. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-boost-teams-performance-with-new-call-handler/
JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

Nov 25, 2025 3:49 PM

Tags: cybersecurity, malicious, malware, phishing, update, windows

Cybersecurity researchers are calling attention to a new campaign that’s leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the guise of a “critical” Windows security update.”Campaign leverages fake adult websites (xHamster, PornHub clones) as its phishing mechanism, likely distributed via malvertising,” Acronis said in a…