Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) …
Chainsaw: Open-source tool for hunting through Windows forensic artefacts
Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword …
Job-seeking devs targeted with fake CrowdStrike offer via email
Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The …
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
January 2025 Patch Tuesday is now live: Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Welcome to 2025 and a new year of patch excitement! In my December …
Microsoft fixes exploited zero-day (CVE-2024-49138)
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by …
Windows, macOS users targeted with crypto-and-info-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of …
December 2024 Patch Tuesday forecast: The secure future initiative impact
December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost …
Cybercriminals used a gaming engine to create undetectable malware loader
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …
Researchers reveal exploitable flaws in corporate VPN clients
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be …
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege …
Microsoft asks Windows Insiders to try out the controversial Recall feature
Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that …
Microsoft announces new and improved Windows 11 security features
Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users …
Featured news
Resources
Don't miss
- North Korean IT workers are extorting employers, FBI warns
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)