Please turn on your JavaScript for this page to function normally.
ransomware
GoZone ransomware accuses and threatens victims

A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …

Microsoft Windows
Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …

Google Meet
Fake Google Meet pages deliver infostealers

Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google …

Patch Tuesday
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug …

Windows
Use Windows event logs for ransomware investigations, JPCERT/CC advises

The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs …

Microsoft Recall
Microsoft revised the controversial Copilot+ Recall feature

Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about …

Verify you are human
Windows users targeted with fake human verification pages delivering malware

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed …

laptop
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was …

EchoStrike
EchoStrike: Generate undetectable reverse shells, perform process injection

EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate …

Patch Tuesday
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, …

open-source cybersecurity tools
33 open-source cybersecurity solutions you didn’t know you needed

Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make …

patch tuesday
September 2024 Patch Tuesday forecast: Downgrade is the new exploit

September 2024 Patch Tuesday is now live: Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes I asked for a calm August 2024 Patch …

Don't miss

Cybersecurity news