Tag: windows
-
Microsoft says Windows September updates break SMBv1 shares
Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1 shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-september-updates-break-smbv1-shares/
-
Microsoft says Windows September updates break SMBv1 shares
Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1 shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-september-updates-break-smbv1-shares/
-
Microsoft Warns Windows 11 23H2 Support Ending in 60 Days
Microsoft has issued an urgent reminder to enterprise and educational institutions worldwide about the impending end of support for Windows 11 version 22H2. With just 60 days remaining, organizations must prepare for the October 14, 2025, deadline when critical security updates will cease for Enterprise, Education, and IoT Enterprise editions. Timeline showing Windows 10 and…
-
DarkCloud Stealer Targets Financial Firms via Weaponized RAR Files
August 2025 saw a dramatic surge in targeted attacks by the DarkCloud Stealer against financial institutions worldwide. CyberProof’s MDR analysts and threat hunters identified a wave of phishing emails bearing malicious RAR archives designed to prey on Windows users. Once executed, these archives unleashed a multi”stage payload engineered to siphon login credentials from email clients,…
-
9 unverzichtbare Open-Source-Security-Tools
Tags: attack, authentication, backdoor, blueteam, breach, ciso, cyersecurity, data-breach, encryption, incident response, intelligence, linux, mail, malware, monitoring, open-source, powershell, privacy, risk, software, sql, threat, tool, vulnerability, windowsDiese Open-Source-Tools adressieren spezifische Security-Probleme mit minimalem Footprint.Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen des Unternehmens-Stacks zu verhindern.Falls Sie nun gedanklich bereits…
-
Microsoft reminds of Windows 10 support ending in 30 days
On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-reminds-of-windows-10-support-ending-in-30-days/
-
Why Hybrid Windows Environments are Still a Security Blind Spot
5 min readHybrid Windows environments pose a security risk due to outdated identity controls. Relying on static credentials and fragmented visibility, these setups are vulnerable. Modernization with workload identity federation, conditional access, and centralized monitoring is crucial to close security gaps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/why-hybrid-windows-environments-are-still-a-security-blind-spot/
-
New Windows 11 Flaw Slips In Through Old Patch
A Microsoft fix introduced CVE-2025-53136, leaking kernel addresses in Windows 11/Server 2022. Learn risks and how to stay protected. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/windows-11-flaw-sept-2025/
-
SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware
New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st… First seen on hackread.com Jump to article: hackread.com/seo-poisoning-attack-windows-hiddengh0st-winos-malware/
-
Windows 11 23H2 Home and Pro reach end of support in 60 days
Microsoft has reminded customers today that devices running Home and Pro editions of Windows 11 23H2 will stop receiving updates in November. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-23h2-home-and-pro-reach-end-of-support-in-60-days/
-
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-54104, CVE-2025-54109, and CVE-2025-54915, were all disclosed on September 9, 2025, and share similar characteristics. While exploitation requires local access, successful attacks could…
-
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-54104, CVE-2025-54109, and CVE-2025-54915, were all disclosed on September 9, 2025, and share similar characteristics. While exploitation requires local access, successful attacks could…
-
Stealthy AsyncRAT flees the disk for a fileless infection
Tags: access, best-practice, control, credentials, infection, malicious, malware, monitoring, phishing, powershell, rat, theft, threat, update, windowsRAT with evasion and persistence: Once AsyncRAT was loaded, the attackers took steps to disrupt Windows defenses. The report notes techniques such as disabling Anti-malware Scan Interface (AMSI) and tampering with Event Tracking for Windows (ETW), both critical features for runtime detection. To maintain persistence, they created a scheduled task disguised as “Skype Update,” ensuring…
-
New Malware Abuses Azure Functions to Host Command and Control Infrastructure
A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files”, two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-verify.lnk, which launches PanGpHip.exe, a legitimate Palo Alto Networks binary. Hidden in the same ISO are libeay32.dll, a genuine OpenSSL library,…
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group”, also known as APT-C-24 or “Rattlesnake””, has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in…
-
Nano11 cuts Windows 11 down to size, grabbing just 2.8 GB of disk space
Slicing Windows 11 to the bone while Microsoft piles on the features First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/nano11_cuts_windows_11_down/
-
Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects
Microsoft announced the phased deprecation of VBScript in Windows, significantly impacting VBA developers who rely on VBScript libraries for regular expressions and external script execution. The company outlined a comprehensive timeline and provided migration guidance to help developers future-proof their projects. Three-Phase Deprecation Timeline VBScript deprecation will occur in three distinct phases over the coming…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windowsCellebrite Certified Mobile Examiner (CCME)Certified Computer Examiner (CCE)CyberSecurity Forensic Analyst (CSFA)EC-Council Computer Hacking Forensic Investigator (CHFI)EnCase Certified Examiner (EnCE)Exterro AccessData Certified Examiner (ACE)GIAC Advanced Smartphone Forensics Certification (GASF)GIAC Certified Forensics Analyst (GCFA)GIAC Certified Forensic Examiner (GCFE)GIAC Cloud Forensic Responder (GCFR)GIAC Network Forensic Analysis (GNFA)Magnet Certified Forensics Examiner (MCFE) Cellebrite Certified Mobile Examiner (CCME) Out of…
-
Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched
An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-september-2025/
-
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose significant challenges to security teams. Cybersecurity researchers have identified a new variant of the ToneShell…
-
Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched
An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-september-2025/
-
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s reliability and user experience. Critical GUI Crash Fixes Implemented The most significant improvements in VirtualBox…
-
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose significant challenges to security teams. Cybersecurity researchers have identified a new variant of the ToneShell…
-
Senator blasts Microsoft for ‘dangerous, insecure software’ that helped pwn US hospitals
Ron Wyden urges FTC to probe failure to secure Windows after attackers used Kerberoasting to cripple Ascension First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/wyden_microsoft_insecure/
-
Wyden Asks FTC to Investigate Microsoft’s ‘Gross Cybersecurity Negligence’
For the second time in two years, Senator Ron Wyden is asking federal regulators to investigate Microsoft’s cybersecurity practices, saying the ongoing weaknesses in the Windows OS is making federal agencies, critical infrastructure, and corporations vulnerable to ransomware and other cyberthreats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/wyden-asks-ftc-to-investigate-microsofts-gross-cybersecurity-negligence/
-
Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL Server, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this month,…The…
-
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
Tags: credentials, cve, cvss, cyber, data-breach, flaw, leak, network, password, service, vulnerability, windowsA newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to be exposed in cleartext under certain non-default configurations. Tracked as CVE-2025-4235, the flaw carries a CVSS base score of 4.2 (Medium) and has been assigned a Moderate urgency level. Palo Alto Networks released details and…
-
ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based Remote Access Trojan (RAT) delivers a comprehensive suite of custom command-and-control (C2) capabilities for both Linux and Windows systems. First uploaded to VirusTotal on July 8, 2025, ZynorRAT exhibits no significant overlap with known malware…
-
Wyden Urges FTC to Investigate Microsoft Over Weak RC4 Encryption Enabling Kerberoasting
Tags: attack, cyber, cybersecurity, encryption, finance, infrastructure, microsoft, ransomware, software, vulnerability, windowsSenator Ron Wyden has formally requested the Federal Trade Commission investigate Microsoft for cybersecurity negligence that has enabled ransomware attacks against critical infrastructure organizations nationwide. In a September 10 letter to FTC Chair Andrew Ferguson, Wyden detailed how Microsoft’s dangerous software engineering decisions have made Windows systems extremely vulnerable to sophisticated cyberattacks. The senator’s investigation…
-
Wyden calls on FTC to investigate Microsoft for ‘gross cybersecurity negligence’ in protecting critical infrastructure
The Oregon senator said Microsoft’s default settings for Windows and other products are enabling ransomware attacks, like the one against Ascension hospital system in 2024. First seen on cyberscoop.com Jump to article: cyberscoop.com/ron-wyden-ftc-microsoft-default-security-flaws-rc4-kerberoasting-ascension-ransomware/