
Tag: Windows


Data loss, Threats & Malware

New Rust-based malware targets Microsoft Windows, abuses Powershell, and steals sensitive info

June 20, 2024

Via: TechRadar

Security pros are warning of a new infostealer being distributed using different methods across the internet. Fickle Stealer does the usual tactics – steals sensitive files, system information, files stored in the browser, cryptocurrency wallet information, and more – but […]


Privacy protection, Security

Windows Recall — a ‘privacy nightmare’?

May 24, 2024

Via: Computerworld

Windows Recall, the new feature that records a user’s screen at regular intervals, has been labelled a “privacy nightmare” due to potential data privacy and security risks. Microsoft announced the generative AI-based tool on Monday; it records “snapshots” of a […]


Threats & Malware, Virus & Malware

Detecting Windows-based Malware Through Better Visibility

April 1, 2024

Via: The Hacker News

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t just an inconvenience that hurt businesses and end users – they damage the economy, endanger lives, destroy businesses […]


Application security, Security

Beware, all Windows and Mac devices possibly at risk – dangerous Opera security flaw could have allowed hackers to run any file they want

January 16, 2024

Via: TechRadar

Opera, a popular Chromium-based browser, was found carrying a vulnerability that would allow hackers to install pretty much any file on both Windows and macOS operating systems. The vulnerability was discovered by cybersecurity researchers from Guardio Labs, who notified the […]


Threats & Malware, Vulnerabilities

New year, new updates for security holes in Windows, Adobe, Android and more

January 9, 2024

Via: The Register

Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]


Application security, Security

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

January 8, 2024

Via: SecureWorld

In a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]


Cyber-crime, Malware

This brand new type of malware is out to target Windows machines, so watch out

January 5, 2024

Via: TechRadar

Cybersecurity researchers have discovered a new piece of malware targeting Windows devices, so be on the lookout. Experts from Fortinet’s FortiGuard Labs claim to have found a previously undetected version of a remote access trojan called Bandook. This malware was […]


Threats & Malware, Virus & Malware

Sophisticated JaskaGO info stealer targets macOS and Windows

December 20, 2023

Via: Security Affairs

Researchers from AT&T Alien Labs uncovered a previously undetected Go-based information stealer dubbed JaskaGO that targets Windows and macOS systems. JaskaGO is a sophisticated malware that supports an extensive array of commands and can maintain persistence in different ways. The […]


Cyber-crime, Malware

Qakbot’s backbot: FBI-led takedown keeps crims at bay for just 3 months

December 19, 2023

Via: The Register

Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet. Microsoft Threat Intelligence reckons a new Qakbot phishing campaign is active as of December 11 but attack […]


Threats & Malware, Vulnerabilities

Another month, another bunch of fixes for Microsoft security bugs exploited in the wild

November 15, 2023

Via: The Register

Heads up: Microsoft’s November Patch Tuesday includes fixes for about 60 vulnerabilities – including three that have already been found and abused in the wild. First of that trio is CVE-2023-36033: a Windows Desktop Manager (WDM) Core Library elevation-of-privilege vulnerability. […]


Access control, Security

Google Workspace weaknesses allow plaintext password theft

November 15, 2023

Via: The Register

Novel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption. Researchers at Bitdefender say the methods could also be used to access Google Cloud Platform (GCP) with custom […]


Cyber-crime, Malware

Exela Stealer malware uses Discord to steal Windows users data

September 27, 2023

Via: TechRadar

Cybersecurity researchers Cyble have recently uncovered a new malware strain for Windows, capable of stealing sensitive data from infected devices. The malware is called Exela, and apparently, it’s using Discord to deliver the stolen information to its operators. The […]


Cyber-crime, Malware

This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers

August 21, 2023

Via: The Hacker News

Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service […]


Access control, Security

Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk

August 10, 2023

Via: The Hacker News

A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto’s Citizen […]


Threats & Malware, Vulnerabilities

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

July 24, 2023

Via: The Hacker News

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, […]


Threats & Malware, Virus & Malware

New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

July 20, 2023

Via: The Hacker News

Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. “P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than […]


Access control, Security

A Few More Reasons Why RDP is Insecure (Surprise!)

July 20, 2023

Via: The Hacker News

If it seems like Remote Desktop Protocol (RDP) has been around forever, it’s because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as “Remote Desktop Protocol […]


Threats & Malware, Vulnerabilities

Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack

July 12, 2023

Via: The Hacker News

Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 132 vulnerabilities, nine are rated Critical, 122 […]


Threats & Malware, Virus & Malware

Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

June 29, 2023

Via: The Hacker News

A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected hosts. Fortinet FortiGuard Labs, which made the discovery, said it found the malware in an executable that masqueraded […]


Cyber-crime, Virus & Malware

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

June 19, 2023

Via: The Hacker News

Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. “The main goal of the attacks was to obtain highly […]