GoZone ransomware accuses and threatens victims
A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …
Patching problems: The “return” of a Windows Themes spoofing vulnerability
Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …
Fake Google Meet pages deliver infostealers
Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google …
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug …
Use Windows event logs for ransomware investigations, JPCERT/CC advises
The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs …
Microsoft revised the controversial Copilot+ Recall feature
Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about …
Windows users targeted with fake human verification pages delivering malware
For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed …
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was …
EchoStrike: Generate undetectable reverse shells, perform process injection
EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate …
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, …
33 open-source cybersecurity solutions you didn’t know you needed
Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make …
September 2024 Patch Tuesday forecast: Downgrade is the new exploit
September 2024 Patch Tuesday is now live: Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes I asked for a calm August 2024 Patch …