Tag: windows
-
Windows 10 länger nutzen: So sicherst du dir ein Jahr zusätzlichen Support
Tags: windowsFirst seen on t3n.de Jump to article: t3n.de/news/windows-10-laenger-nutzen-so-sicherst-du-dir-ein-jahr-zusaetzlichen-support-1700273/
-
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor
Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control. First seen on hackread.com Jump to article: hackread.com/attack-windows-shortcut-files-install-remcos-backdoor/
-
Black Hat 2025: Latest news and insights
Tags: access, ai, api, attack, ciso, cloud, conference, crowdstrike, cvss, cyber, cybersecurity, data, defense, email, exploit, finance, firmware, flaw, group, hacker, hacking, identity, Internet, LLM, malicious, malware, reverse-engineering, sap, service, threat, tool, training, update, usa, vulnerability, windowsBlack Hat USAAugust 2-7, 2025Las Vegas, NVBlack Hat USA 2025 returns to the Mandalay Bay Convention Center in Las Vegas on August 2-7. The annual event is a perennial magnet for cybersecurity professionals, researchers, vendors and othersThe week kicks off on August 2 with four days of cybersecurity training courses. The courses cover a range…
-
Spielerisch gehackt: Forscher umgeht ChatGPT-Schutz und kassiert echte Windows-Lizenzen
First seen on t3n.de Jump to article: t3n.de/news/forscher-umgeht-chatgpt-schutz-und-kassiert-echte-windows-lizenzen-1696521/
-
How bright are AI agents? Not very, recent reports suggest
CSOs should ‘skip the fluff’: Meghu’s advice to CSOs: Stop reading the marketing and betting too much of your business on AI/LLM technology as it exists today. Start small and always have a human operator to guide it.”If you skip the fluff and get to the practical application, we have a new technology that could…
-
Anubis Ransomware Targets Android and Windows Users to Encrypt Files and Steal Credentials
Ransomware activity has skyrocketed in the ever-evolving cyber threat landscape, with Bitsight’s State of the Underground 2025 study indicating a 53% increase in ransomware group-operated leak sites and a roughly 25% increase in unique victims reported on leak sites throughout 2024. Amid this escalation, the Anubis ransomware variant has emerged as a formidable player, first…
-
Proton launches free standalone cross-platform Authenticator app
Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/proton-launches-free-standalone-cross-platform-authenticator-app/
-
Silver Fox Hackers Exploit Weaponized Google Translate Tools to Deliver Windows Malware
The Knownsec 404 Advanced Threat Intelligence Team has lately discovered increased activity from the Silver Fox cybercrime gang, which has been using fake versions of popular programs as weapons to spread malware in a complex cyber threat landscape. Tracing back to 2024, these attacks often masquerade as legitimate Google Translate interfaces, employing deceptive JavaScript redirects…
-
Applying Tenable’s Risk-based Vulnerability Management to the Australian Cyber Security Centre’s Essential Eight
Tags: ai, attack, breach, business, cloud, compliance, container, control, cvss, cyber, cybersecurity, data, data-breach, defense, endpoint, finance, firewall, framework, google, government, identity, incident response, infrastructure, intelligence, Internet, microsoft, mitigation, network, ransomware, risk, service, software, strategy, technology, threat, tool, update, vpn, vulnerability, vulnerability-management, windows, zero-dayLearn how Thales Cyber Services uses Tenable to help customers navigate the maturity levels of the Essential Eight, enabling vulnerability management and staying ahead of cyber threats. In today’s fast-moving digital world, cyber threats are more advanced and relentless than ever. A single security breach can mean financial loss, reputational damage and operational chaos. That’s…
-
Threat Actors Use LNK Files to Deploy RedLoader Malware on Windows Systems
Sophos analysts have identified a novel infection chain employed by the financially motivated cybercriminal group GOLD BLADE, also known as RedCurl, Red Wolf, and Earth Kapre, to deploy their custom RedLoader malware on Windows systems. This group, active since 2018 and specializing in commercial espionage, has been observed using highly targeted phishing emails to infiltrate…
-
Ransomware upstart Gunra goes cross-platform with encryption upgrades
Tags: attack, breach, control, data, detection, encryption, endpoint, group, healthcare, linux, ransomware, update, vmware, windows-r” or “ratio” parameter. The “-l” or the “limit” parameter is used to control how much of the file gets encrypted. If no value is provided, the entire file is encrypted,” Trend Micro added.Additionally, the variant offers flexible key-storage options for RSA-encrypted keys. Using the “-s” or ““, store” parameter makes the ransomware save each…
-
BeyondTrust Privilege Management Flaw Lets Hackers Escalate System Access
BeyondTrust has disclosed a critical privilege escalation vulnerability in its Privilege Management for Windows solution that could allow local authenticated attackers to gain administrator-level access to compromised systems. The security flaw, tracked as CVE-2025-2297, affects versions before 25.4.270.0 and carries a CVSSv4 score of 7.2, classified as high severity. Vulnerability Details and Impact The vulnerability stems…
-
New Gunra Ransomware Linux Variant Launches 100 Encryption Threads with Partial Encryption Feature
The new Gunra group has expanded its attack surface beyond Windows PCs by releasing a Linux version of their virus, which was initially discovered in April 2025. This is a major uptick in the ransomware ecosystem. This development underscores the group’s strategic pivot toward cross-platform targeting, inspired by predecessors like Conti ransomware. Trend Micro’s threat…
-
Chrome Vulnerabilities Allow Attackers to Hijack Memory and Run Malicious Code
Google has released an emergency security update for its Chrome browser to address critical vulnerabilities that could allow attackers to hijack system memory and execute malicious code on affected devices. The Stable channel has been updated to version 138.0.7204.183/.184 for Windows and Mac systems, and 138.0.7204.183 for Linux, with the rollout scheduled over the coming…
-
Coyote Trojan Turns Accessibility Into Attack Surface
Brazil-Targeting Malware Exploits Windows UIA to Evade Detection. A banking Trojan long confined to Brazil has become the first known malware to exploit Microsoft’s UI Automation framework to extract credentials, signaling a new tactic that may evade conventional detection. Akamai’s findings point to a growing trend of attackers using legitimate system features. First seen on…
-
Nimble ‘Gunra’ Ransomware Evolves With Linux Variant
The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/nimble-gunra-ransomware-linux-variant
-
New XWorm V6 Variant with Anti-Analysis Features Targeting Windows Users in Active Attacks
Netskope Threat Labs has uncovered a new iteration of the XWorm malware, version 6.0, which demonstrates ongoing development by threat actors and introduces sophisticated enhancements aimed at evading detection and maintaining persistence on Windows systems. This variant builds upon previously documented infection chains, incorporating advanced anti-analysis techniques and process protection mechanisms that make it particularly…
-
Kostenloses Recovery-Tool für Windows 10/11 – Gelöschte Daten zuverlässig wiederherstellen mit Puran File Recovery
First seen on security-insider.de Jump to article: www.security-insider.de/geloeschte-daten-zuverlaessig-wiederherstellen-mit-puran-file-recovery-a-d2a2b2f8ea1736ea28d343100fe9b43f/
-
Hackers Exploit IIS Servers with New Web Shell Script for Full Remote Control
Tags: control, cyber, exploit, hacker, incident response, Internet, microsoft, middle-east, service, windowsSecurity researchers have examined a complex online shell script called UpdateChecker.aspx that was installed on compromised Internet Information Services (IIS) servers in response to a notable increase in cyberthreats directed at Microsoft Windows installations. This analysis stems from a follow-up investigation by FortiGuard’s Incident Response Team into a prolonged intrusion at a Middle East critical…
-
Windows auf veraltete libcurl-Bibliotheken in Programmen überprüfen
Ich hatte es schon mal im Blog: Microsoft liefert die cURL-Bibliothek häufiger mit veralteten Versionen, die Sicherheitslücken aufweisen, aus. Auch Software-Pakete kommen mit uralten libcurl-Dateien daher. Wie kann ich prüfen, ob da irgendwelche Altlasten auf meinen Systemen schlummern? Was sind … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/29/software-und-die-veralteten-libcurl-bibliotheken/
-
Raven Stealer Malware Exploits Telegram to Steal Logins, Payment Data, and Autofill Info
Raven Stealer has emerged as sophisticated, lightweight information-stealing malware crafted in Delphi and C++, targeting Windows systems with a focus on extracting sensitive data like logins, payment details, and autofill information from Chromium-based browsers such as Chrome and Edge. First spotted on GitHub on July 15, 2025, this malware operates with high stealth, requiring minimal…
-
Windows 11 is a minefield of micro-aggressions in the shipping lane of progress
A better minesweeper is needed. Time for an intervention to save Microsoft from itself First seen on theregister.com Jump to article: www.theregister.com/2025/07/28/windows_11_is_a_minefield/
-
Microsoft will stop supporting Windows 11 22H2 in October
Microsoft has reminded customers today that the last supported editions of Windows 11 22H2 will reach their end of servicing on October 14. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-will-stop-supporting-windows-11-22h2-in-october/
-
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware
Gaming peripheral manufacturer Endgame Gear has disclosed a security incident involving malware-infected software distributed through their official website, affecting users who downloaded the OP1w 4k v2 mouse configuration tool between June 26 and July 9, 2025. The company has issued an urgent security advisory and implemented immediate remediation measures while the investigation into the breach…
-
Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems
Tags: cloud, crypto, cyber, data-breach, exploit, infrastructure, linux, malware, remote-code-execution, scam, service, windowsWiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on both Linux and Windows systems. This operation, part of a broader crypto-scam infrastructure, leverages opportunistic scanning for exposed services, abusing features like PostgreSQL’s COPY FROM PROGRAM for remote code execution…
-
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging attack vectors, allowing organizations to preemptively bolster defenses. During the first half of 2025, a surge in new…
-
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where malicious shell commands are executed silently through ActiveXObject(>>WScript.Shell
-
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners.The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively.Soco404 “targets both Linux and Windows systems, deploying platform-specific malware,” Wiz First seen on thehackernews.com Jump to article:…
-
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners.The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively.Soco404 “targets both Linux and Windows systems, deploying platform-specific malware,” Wiz First seen on thehackernews.com Jump to article:…
-
Brave-Browser blockiert Microsoft Recall auf Tabs
Die Entwickler des Brave-Browsers haben zum 22. Juli 2025 angekündigt, dass sie ab der neuen Version 1.81 die Microsoft Recall-Funktion auf allen Tabs standardmäßig blockieren. Dies soll verhindern, dass Informationen auf den geöffneten Tabs an Microsofts sehr umstrittene Windows AI-Funktion … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/25/brave-browser-blockiert-microsoft-recall-auf-tabs/