Tag: windows
-
Microsoft fixes Windows 11 audio issues confirmed in December
Microsoft has removed a safeguard hold that prevented some users from upgrading their systems to Windows 11 24H2 due to compatibility issues that were causing Bluetooth headsets and speakers to malfunction. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-11-audio-issues-confirmed-in-december/
-
Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware
Sidewinder, a well-known advanced persistent threat (APT) group, has adapted its tactics to exploit the ongoing protests in Nepal, deploying a coordinated campaign of mobile and Windows malware alongside credential phishing. By masquerading as respected national institutions and figures, the group seeks to harvest sensitive data from users tracking the nation’s political turmoil. The protests,…
-
Microsoft says Windows September updates break SMBv1 shares
Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1 shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-september-updates-break-smbv1-shares/
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
Microsoft says Windows September updates break SMBv1 shares
Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1 shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-september-updates-break-smbv1-shares/
-
Microsoft Warns Windows 11 23H2 Support Ending in 60 Days
Microsoft has issued an urgent reminder to enterprise and educational institutions worldwide about the impending end of support for Windows 11 version 22H2. With just 60 days remaining, organizations must prepare for the October 14, 2025, deadline when critical security updates will cease for Enterprise, Education, and IoT Enterprise editions. Timeline showing Windows 10 and…
-
DarkCloud Stealer Targets Financial Firms via Weaponized RAR Files
August 2025 saw a dramatic surge in targeted attacks by the DarkCloud Stealer against financial institutions worldwide. CyberProof’s MDR analysts and threat hunters identified a wave of phishing emails bearing malicious RAR archives designed to prey on Windows users. Once executed, these archives unleashed a multi”stage payload engineered to siphon login credentials from email clients,…
-
9 unverzichtbare Open-Source-Security-Tools
Tags: attack, authentication, backdoor, blueteam, breach, ciso, cyersecurity, data-breach, encryption, incident response, intelligence, linux, mail, malware, monitoring, open-source, powershell, privacy, risk, software, sql, threat, tool, vulnerability, windowsDiese Open-Source-Tools adressieren spezifische Security-Probleme mit minimalem Footprint.Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen des Unternehmens-Stacks zu verhindern.Falls Sie nun gedanklich bereits…
-
Microsoft reminds of Windows 10 support ending in 30 days
On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-reminds-of-windows-10-support-ending-in-30-days/
-
Why Hybrid Windows Environments are Still a Security Blind Spot
5 min readHybrid Windows environments pose a security risk due to outdated identity controls. Relying on static credentials and fragmented visibility, these setups are vulnerable. Modernization with workload identity federation, conditional access, and centralized monitoring is crucial to close security gaps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/why-hybrid-windows-environments-are-still-a-security-blind-spot/
-
New Windows 11 Flaw Slips In Through Old Patch
A Microsoft fix introduced CVE-2025-53136, leaking kernel addresses in Windows 11/Server 2022. Learn risks and how to stay protected. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/windows-11-flaw-sept-2025/
-
SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware
New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st… First seen on hackread.com Jump to article: hackread.com/seo-poisoning-attack-windows-hiddengh0st-winos-malware/
-
Windows 11 23H2 Home and Pro reach end of support in 60 days
Microsoft has reminded customers today that devices running Home and Pro editions of Windows 11 23H2 will stop receiving updates in November. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-23h2-home-and-pro-reach-end-of-support-in-60-days/
-
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-54104, CVE-2025-54109, and CVE-2025-54915, were all disclosed on September 9, 2025, and share similar characteristics. While exploitation requires local access, successful attacks could…
-
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-54104, CVE-2025-54109, and CVE-2025-54915, were all disclosed on September 9, 2025, and share similar characteristics. While exploitation requires local access, successful attacks could…
-
Stealthy AsyncRAT flees the disk for a fileless infection
Tags: access, best-practice, control, credentials, infection, malicious, malware, monitoring, phishing, powershell, rat, theft, threat, update, windowsRAT with evasion and persistence: Once AsyncRAT was loaded, the attackers took steps to disrupt Windows defenses. The report notes techniques such as disabling Anti-malware Scan Interface (AMSI) and tampering with Event Tracking for Windows (ETW), both critical features for runtime detection. To maintain persistence, they created a scheduled task disguised as “Skype Update,” ensuring…
-
New Malware Abuses Azure Functions to Host Command and Control Infrastructure
A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files”, two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-verify.lnk, which launches PanGpHip.exe, a legitimate Palo Alto Networks binary. Hidden in the same ISO are libeay32.dll, a genuine OpenSSL library,…
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group”, also known as APT-C-24 or “Rattlesnake””, has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in…
-
Nano11 cuts Windows 11 down to size, grabbing just 2.8 GB of disk space
Slicing Windows 11 to the bone while Microsoft piles on the features First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/nano11_cuts_windows_11_down/
-
Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects
Microsoft announced the phased deprecation of VBScript in Windows, significantly impacting VBA developers who rely on VBScript libraries for regular expressions and external script execution. The company outlined a comprehensive timeline and provided migration guidance to help developers future-proof their projects. Three-Phase Deprecation Timeline VBScript deprecation will occur in three distinct phases over the coming…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windowsCellebrite Certified Mobile Examiner (CCME)Certified Computer Examiner (CCE)CyberSecurity Forensic Analyst (CSFA)EC-Council Computer Hacking Forensic Investigator (CHFI)EnCase Certified Examiner (EnCE)Exterro AccessData Certified Examiner (ACE)GIAC Advanced Smartphone Forensics Certification (GASF)GIAC Certified Forensics Analyst (GCFA)GIAC Certified Forensic Examiner (GCFE)GIAC Cloud Forensic Responder (GCFR)GIAC Network Forensic Analysis (GNFA)Magnet Certified Forensics Examiner (MCFE) Cellebrite Certified Mobile Examiner (CCME) Out of…
-
Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched
An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-september-2025/
-
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose significant challenges to security teams. Cybersecurity researchers have identified a new variant of the ToneShell…
-
Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched
An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-september-2025/
-
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s reliability and user experience. Critical GUI Crash Fixes Implemented The most significant improvements in VirtualBox…
-
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose significant challenges to security teams. Cybersecurity researchers have identified a new variant of the ToneShell…
-
Senator blasts Microsoft for ‘dangerous, insecure software’ that helped pwn US hospitals
Ron Wyden urges FTC to probe failure to secure Windows after attackers used Kerberoasting to cripple Ascension First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/wyden_microsoft_insecure/
-
Wyden Asks FTC to Investigate Microsoft’s ‘Gross Cybersecurity Negligence’
For the second time in two years, Senator Ron Wyden is asking federal regulators to investigate Microsoft’s cybersecurity practices, saying the ongoing weaknesses in the Windows OS is making federal agencies, critical infrastructure, and corporations vulnerable to ransomware and other cyberthreats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/wyden-asks-ftc-to-investigate-microsofts-gross-cybersecurity-negligence/
-
Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL Server, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this month,…The…
-
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
Tags: credentials, cve, cvss, cyber, data-breach, flaw, leak, network, password, service, vulnerability, windowsA newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to be exposed in cleartext under certain non-default configurations. Tracked as CVE-2025-4235, the flaw carries a CVSS base score of 4.2 (Medium) and has been assigned a Moderate urgency level. Palo Alto Networks released details and…