Tag: windows

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Jan 2, 2026 3:52 PM

Tags: access, attack, control, government, india, rat, threat, windows

The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts.”The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut (LNK) file masquerading as a legitimate PDF document…
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Jan 2, 2026 3:52 PM

Tags: access, attack, control, government, india, rat, threat, windows

The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts.”The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut (LNK) file masquerading as a legitimate PDF document…
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Jan 2, 2026 3:52 PM

Tags: access, attack, control, government, india, rat, threat, windows

The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts.”The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut (LNK) file masquerading as a legitimate PDF document…
Support-Ende Windows 10, Azure & Co – Diese Produkte mustert Microsoft 2026 aus

Jan 2, 2026 7:52 AM

Tags: microsoft, windows

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-support-ende-ausmusterung-2026-windows-office-azure-a-8ea68ba18b8ce897d7e6866f03c0021d/
Top 10 Cybersecurity Predictions for 2026

Jan 1, 2026 10:52 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, backdoor, backup, best-practice, blockchain, breach, business, ceo, china, ciso, cloud, communications, compliance, computer, computing, conference, control, corporate, crypto, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, deep-fake, defense, detection, disinformation, email, encryption, espionage, exploit, extortion, finance, fraud, governance, government, group, hacker, hacking, healthcare, identity, incident response, infrastructure, intelligence, Internet, iran, korea, law, linkedin, LLM, malicious, malware, mfa, military, monitoring, msp, mssp, network, nist, north-korea, organized, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, russia, scam, service, skills, soc, social-engineering, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, ukraine, update, vulnerability, vulnerability-management, warfare, windows, zero-day

Top 10 Cybersecurity Predictions for 2026 The year AI changes cybersecurity forever Cybersecurity predictions are an opportunity to look forward instead of back, to be proactive instead of reactive, and to consider how changes in attackers, technology, and the security industry will impact the sustainability of managing cyber risks. Gaining future insights to the threats, targets,…
APT36 Targets Indian Government Systems Using Malicious Windows LNK Files

Dec 31, 2025 6:52 PM

Tags: cyber, detection, espionage, government, india, infection, malicious, threat, windows

A sophisticated cyber-espionage operation attributed to APT36, also known as Transparent Tribe, has been identified targeting Indian governmental, academic, and strategic entities through weaponized Windows shortcut files designed to evade detection and establish persistent remote access. The Pakistan-aligned threat actor deployed a deceptive LNK-based infection chain that leverages trusted system binaries and fileless execution techniques…
New AI-Enhanced Crypter Promoted as Capable of Evading Windows Defender

Dec 31, 2025 6:51 AM

Tags: ai, cyber, cybersecurity, dark-web, endpoint, malware, threat, tool, windows

Cybersecurity researchers have spotted a new high-sophistication malware loader being advertised on dark web forums, marketed as a commercial solution for evading modern endpoint protection. The tool, dubbed InternalWhisper x ImpactSolutions, is being promoted by a threat actor known as >>ImpactSolutions.
Aufrüsten oder neu kaufen? 10-Support-Ende: Viele Nutzer vor Geräte-Neukauf

Dec 29, 2025 2:55 PM

Tags: windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-10-support-ende-viele-nutzer-vor-geraete-neukauf-a-9e870edd7f707dd86da0b5bdfdb097c2/
Aufrüsten oder neu kaufen? 10-Support-Ende: Viele Nutzer vor Geräte-Neukauf

Dec 29, 2025 2:55 PM

Tags: windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-10-support-ende-viele-nutzer-vor-geraete-neukauf-a-9e870edd7f707dd86da0b5bdfdb097c2/
Aufrüsten oder neu kaufen? 10-Support-Ende: Viele Nutzer vor Geräte-Neukauf

Dec 29, 2025 2:55 PM

Tags: windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-10-support-ende-viele-nutzer-vor-geraete-neukauf-a-9e870edd7f707dd86da0b5bdfdb097c2/
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode

Dec 29, 2025 1:55 PM

Tags: microsoft, mobile, windows

Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode

Dec 29, 2025 1:55 PM

Tags: microsoft, mobile, windows

Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/
MAS: Malware durch Rechtschreibfehler bei Windows-Hack

Dec 27, 2025 12:55 PM

Tags: malware, microsoft, windows

Über die Microsoft Activation Scripts (MAS) lässt sich Windows ohne Lizenz aktivieren. Ein Tippfehler bei der Domain liefert allerdings Schadsoftware. First seen on golem.de Jump to article: www.golem.de/news/mas-malware-durch-rechtschreibfehler-bei-windows-hack-2512-203619.html
Fake MAS Windows activation domain used to spread PowerShell malware

Dec 25, 2025 12:19 AM

Tags: malware, microsoft, powershell, tool, windows

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-mas-windows-activation-domain-used-to-spread-powershell-malware/
Microsoft rolls out hardware-accelerated BitLocker in Windows 11

Dec 24, 2025 5:19 PM

Tags: Hardware, microsoft, windows

Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rolls-out-hardware-accelerated-bitlocker-in-windows-11/
Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First ProofConcept Exploit for CVE-2024-49112

Dec 24, 2025 3:19 PM

Tags: access, cve, exploit, remote-code-execution, vulnerability, windows

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability (CVE-2024-49112). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49112-2/
Webrat turns GitHub PoCs into a malware trap

Dec 24, 2025 1:19 PM

Tags: access, attack, backdoor, control, credentials, crypto, data, exploit, github, malicious, malware, open-source, password, risk, spy, theft, vulnerability, windows

The malicious payload and behavior: Beneath the polished README, the attackers dumped a password-protected ZIP linked in the repository. The archive password was hidden in file names, something easily missable by unsuspecting eyes. Inside, the key components include a decoy DLL, a batch file to launch the malware, and the primary executable (like rasmanesc.exe) capable…
Wichtig zu wissen! – Teams kehrt in die Lizenzpakete zurück, Windows 10 erhält weiter Updates

Dec 23, 2025 10:19 AM

Tags: update, windows

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-copilot-erweiterung-lizenzaenderungen-a-c1876f3c8b2af9ebf33fed3249c23b1a/
Windows-Denial-ofSchwachstellen – 0patch schließt RasMan-Absturzlücke vor Microsoft

Dec 23, 2025 7:19 AM

Tags: microsoft, service, vulnerability, windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-rasman-dos-0patch-micropatch-a-a7bfa24afde773245a9432273de24759/
Stealka Stealer: Fake-Roblox-Mods und Cheats plündern Krypto-Wallets

Dec 22, 2025 5:19 PM

Tags: crypto, malware, windows

Stealka Stealer ist eine neue Windows-Malware, die sich als Roblox-Mod oder Cheat tarnt und Browserdaten sowie Krypto-Wallets plündert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/stealka-stealer-fake-roblox-mods-und-cheats-pluendern-krypto-wallets-324529.html
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation

Dec 22, 2025 3:18 PM

Tags: cve, cyber, flaw, microsoft, vulnerability, windows

Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by security researchers at HT3Labs. Vulnerability Overview The Brokering File System, introduced alongside Windows’ Win32 App Isolation feature…
Microsoft Patches MSMQ Flaw That Affects IIS Web Servers

Dec 19, 2025 10:19 AM

Tags: cyber, flaw, microsoft, update, vulnerability, windows

Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documented in the December 9, 2025 update (KB5071546), affects Windows 10 version 22H2 and version 21H2. The Vulnerability The MSMQ bug causes…
React2Shell is the Log4j moment for front end development

Dec 19, 2025 5:19 AM

Tags: access, advisory, ai, antivirus, attack, backdoor, backup, control, crypto, detection, endpoint, exploit, malicious, network, powershell, ransomware, risk, technology, threat, update, vulnerability, windows, zero-day

What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
React2Shell is the Log4j moment for front end development

Dec 19, 2025 5:19 AM

Tags: access, advisory, ai, antivirus, attack, backdoor, backup, control, crypto, detection, endpoint, exploit, malicious, network, powershell, ransomware, risk, technology, threat, update, vulnerability, windows, zero-day

What to look for: In an attack tracked by S-RM, immediately after the threat actor gained access to a targeted company’s network, they ran a hidden PowerShell command, establishing command and control (C2) by downloading a Cobalt Strike PowerShell stager, a tactic regularly used by red teamers, and installing a beacon to allow them to…
Windows 10 OOB update released to fix Message Queuing (MSMQ) issues

Dec 19, 2025 5:19 AM

Tags: update, windows

This month’s extended security update for Windows 11 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background tasks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-oob-update-released-to-fix-message-queuing-msmq-issues/
WhatsApp accounts targeted in ‘GhostPairing’ attack

Dec 18, 2025 8:19 PM

Tags: access, attack, email, flaw, group, mobile, phishing, risk, spam, threat, windows

Defending WhatsApp: Users can check which devices are paired via WhatsApp via Settings > Linked Devices. A rogue device link will appear here. Despite having access to a user’s WhatsApp account, the attacker can’t revoke their device access, which must be initiated by the primary device. Another tip is to enable two-step PIN verification. This…
WhatsApp accounts targeted in ‘GhostPairing’ attack

Dec 18, 2025 8:19 PM

Tags: access, attack, email, flaw, group, mobile, phishing, risk, spam, threat, windows

Defending WhatsApp: Users can check which devices are paired via WhatsApp via Settings > Linked Devices. A rogue device link will appear here. Despite having access to a user’s WhatsApp account, the attacker can’t revoke their device access, which must be initiated by the primary device. Another tip is to enable two-step PIN verification. This…
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

Dec 18, 2025 7:19 PM

Tags: attack, china, cyber, cybersecurity, espionage, group, malware, threat, windows

A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan.The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report published today. The threat activity cluster has been assessed to be active since at…
Microsoft bestätigt: Windows-Update macht Remote-App-Verbindungen kaputt

Dec 18, 2025 2:19 PM

Tags: microsoft, update, windows

Einige Windows-Nutzer können seit Tagen keine Apps mehr von Azure Virtual Desktop streamen. Ein Fix ist in Arbeit. Aktuell helfen nur Workarounds. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-windows-update-macht-remote-app-verbindungen-kaputt-2512-203402.html
Microsoft December Update Breaks Critical IIS Servers

Dec 18, 2025 1:19 PM

Tags: microsoft, update, windows

The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft December Update Breaks Critical IIS Servers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-critical-iis-servers/