Tag: windows
-
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes.According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a First…
-
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes.According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a First…
-
‘One Battle After Another” Schadcode statt Di-Caprio-Download
Torrent-Dateien für nachgefragte Filme werden von Hackern gerne missbraucht, um Schadsoftware auf den Rechnern der Nutzer auszuspielen. Aktuell beobachten die Bitdefender Labs, wie Cyberkriminelle mit vermeintlichen Torrent-Dateien zum Download des Di-Caprio-Films ‘One Battle After Another” den bekannten Remote-Access-Trojaner Agent-Tesla auf Windows-Opfersystemen installieren. Der jüngste Film der bekannten US-Schauspieler Di Caprio und Sean Penn unter der…
-
‘One Battle After Another” Schadcode statt Di-Caprio-Download
Torrent-Dateien für nachgefragte Filme werden von Hackern gerne missbraucht, um Schadsoftware auf den Rechnern der Nutzer auszuspielen. Aktuell beobachten die Bitdefender Labs, wie Cyberkriminelle mit vermeintlichen Torrent-Dateien zum Download des Di-Caprio-Films ‘One Battle After Another” den bekannten Remote-Access-Trojaner Agent-Tesla auf Windows-Opfersystemen installieren. Der jüngste Film der bekannten US-Schauspieler Di Caprio und Sean Penn unter der…
-
Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
-
Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
-
Microsoft fixes Windows Explorer white flashes in dark mode
Microsoft has fixed a known issue that caused bright white flashes when launching File Explorer in dark mode on Windows 11 systems after installing the KB5070311 optional update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-explorer-white-flashes-in-dark-mode/
-
Preparing for Cisco Vulnerability Management (formerly Kenna) EndLife: How Tenable Can Help
Tags: application-security, attack, business, cisco, cve, cybersecurity, data, data-breach, flaw, identity, intelligence, Internet, risk, service, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCisco Vulnerability Management (formerly Kenna) has long been a valuable partner for security teams. With its end-of-life now underway, Tenable One offers a clear path forward, delivering end-to-end unified exposure management for the future of risk management. Key takeaways: Tenable’s strong partnership with Cisco helps customers with a natural path forward and easy transition to…
-
Preparing for Cisco Vulnerability Management (formerly Kenna) EndLife: How Tenable Can Help
Tags: application-security, attack, business, cisco, cve, cybersecurity, data, data-breach, flaw, identity, intelligence, Internet, risk, service, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCisco Vulnerability Management (formerly Kenna) has long been a valuable partner for security teams. With its end-of-life now underway, Tenable One offers a clear path forward, delivering end-to-end unified exposure management for the future of risk management. Key takeaways: Tenable’s strong partnership with Cisco helps customers with a natural path forward and easy transition to…
-
PowerShell 5.1 zeigt nach Dez. 2025 Update Sicherheitsabfrage bei Webseiten
Es ist in den Support-Beiträgen zum Dezember 2025-Patchday mit angegeben. Nach Installation der Windows-Updates zeigt die PowerShell 5.1 eine Sicherheitsabfrage, wenn auf den Inhalt von Webseiten zugegriffen werden soll. Mit dieser Maßnahme soll die Sicherheitslücke CVE-2025-54100 abgeschwächt werden. PowerShell-Schwachstelle CVE-2025-54100 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/11/powershell-5-1-zeigt-nach-dez-2025-update-sicherheitsabfrage-bei-webseiten/
-
Storm-0249 Abuses EDR Processes in Stealthy Attacks
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/storm-0249-edr-processes-stealthy-attacks
-
Torrent for DiCaprio’s “One Battle After Another” Movie Drops Agent Tesla
Bitdefender researchers warn that the torrent for Leonardo DiCaprio’s One Battle After Another is a trap deploying Agent Tesla malware. Learn how the fileless LOTL attack targets unsuspecting Windows users. First seen on hackread.com Jump to article: hackread.com/dicaprio-one-battle-after-another-torrent-agent-tesla/
-
2025 Year of Browser Bugs Recap:
Tags: access, ai, api, attack, authentication, awareness, browser, cctv, chrome, cloud, communications, computer, credentials, crypto, cyber, data, data-breach, detection, edr, email, endpoint, exploit, flaw, gartner, google, guide, identity, injection, leak, login, malicious, malware, network, openai, passkey, password, phishing, ransom, ransomware, risk, saas, service, threat, tool, update, vulnerability, windows, xss, zero-dayAt the beginning of this year, we launched the Year of Browser Bugs (YOBB) project, a commitment to research and share critical architectural vulnerabilities in the browser. Inspired by the iconic Months of Bugs tradition in the 2000s, YOBB was started with a similar purpose”Š”, “Što drive awareness and discussion around key security gaps and…
-
Windows Defender Firewall Flaw Allows Attackers to Access Sensitive Data
Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Service that could allow threat actors to access sensitive information on compromised systems. The flaw, identified as CVE-2025-62468, was disclosed as part of the company’s December 2025 security updates. This information disclosure vulnerability poses a risk to organizations that rely on standard…
-
FortiGuard Team Uncovers Stealth Forensic Data Within Windows Telemetry
During a recent incident response engagement, FortiGuard IR services responded to a sophisticated ransomware attack in which threat actors deployed advanced anti-forensic techniques to eliminate their digital footprint. The attackers deleted malware, cleared logs, and obfuscated tools to prevent analysis. However, FortiGuard researchers made a critical discovery: historical evidence of the deleted malware and attacker…
-
Windows Defender Firewall Flaw Allows Attackers to Access Sensitive Data
Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Service that could allow threat actors to access sensitive information on compromised systems. The flaw, identified as CVE-2025-62468, was disclosed as part of the company’s December 2025 security updates. This information disclosure vulnerability poses a risk to organizations that rely on standard…
-
FortiGuard Team Uncovers Stealth Forensic Data Within Windows Telemetry
During a recent incident response engagement, FortiGuard IR services responded to a sophisticated ransomware attack in which threat actors deployed advanced anti-forensic techniques to eliminate their digital footprint. The attackers deleted malware, cleared logs, and obfuscated tools to prevent analysis. However, FortiGuard researchers made a critical discovery: historical evidence of the deleted malware and attacker…
-
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code.Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world.Next week,…
-
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code.Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world.Next week,…
-
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild.Of the 56 flaws, three are rated Critical, and 53 are rated Important in severity. Two other defects are listed as publicly known at the time of the…
-
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-6218 is a WinRAR directory traversal flaw (formerly…
-
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day
Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates for December 2025 addressed 57 vulnerabilities in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Exchange Server, Azure, Copilot, PowerShell, and Windows Defender. Three vulnerabilities are rated Critical, while the rest are…
-
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild.Of the 56 flaws, three are rated Critical, and 53 are rated Important in severity. Two other defects are listed as publicly known at the time of the…
-
Jetzt patchen: Attacken auf Windows-Geräte beobachtet
Angreifer bedienen sich einer Sicherheitslücke, um auf fremden Windows-Geräten Systemrechte zu erlangen. Nutzer sollten handeln. First seen on golem.de Jump to article: www.golem.de/news/jetzt-patchen-attacken-auf-windows-geraete-beobachtet-2512-203079.html
-
Jetzt patchen: Attacken auf Windows-Geräte beobachtet
Angreifer bedienen sich einer Sicherheitslücke, um auf fremden Windows-Geräten Systemrechte zu erlangen. Nutzer sollten handeln. First seen on golem.de Jump to article: www.golem.de/news/jetzt-patchen-attacken-auf-windows-geraete-beobachtet-2512-203079.html