Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …
Clever macOS malware delivery campaign targets cryptocurrency users
Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorded Future’s researchers are …
Microsoft delays Windows Recall rollout, more security testing needed
Microsoft is delaying the release of Recall, a controversial Windows 11 feature that will allow users to search their computer for specific content that has previously been …
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks …
Windows Recall will be opt-in and the data more secure, Microsoft says
The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature …
June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft
June 2024 Patch Tuesday is now live: Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) May 2024 Patch Tuesday was unusual because we had …
TotalRecall shows how easily data collected by Windows Recall can be stolen
Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal …
Windows’ new Recall feature: A privacy and security nightmare?
Microsoft has announced the Copilot+ line of Windows 11-powered PCs that, among other things, will have Recall, a feature that takes screenshots every few seconds, encrypts …
BLint: Open-source tool to check the security properties of your executables
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also …
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print …
April 2024 Patch Tuesday forecast: New and old from Microsoft
April 2024 Patch Tuesday is now live: Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988) This month, we have a new product preview …
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known …
Featured news
Sponsored
Don't miss
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD
- Realm: Open-source adversary emulation framework
- Discover the growing threats to data security
- Encrypted traffic: A double-edged sword for network defenders