Unlocking Windows 10 PCs with smartphones, wearables, smart cards
With Windows 10, Microsoft is slowly moving towards removing passwords as the main authentication method for users to log in to their (locked) computers. Windows Hello, the …
OS analysis tool osquery finally available for Windows
Nearly two years after Facebook open sourced osquery, the social networking giant has made available an osquery developer kit for Windows, allowing security teams to build …
Microsoft equips Edge with hardware-based container
Microsoft has announced a new capability that will make its Edge browser the most secure web browsing option for enterprises: Windows Defender Application Guard. Windows …
Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
Stealing login credentials from locked computers in 30 seconds or less
Security researcher Rob Fuller has demonstrated a simple way for stealing login credentials from locked computers running Windows and Mac OS X. For the attack to work, …
Backdoor uses TeamViewer to spy on victims
A backdoor Trojan with spying capabilities that has been previously directed against European and Russian users is now being lobbed at US users, Dr. Web researchers have …
Windows users will no longer be able to apply individual patches
Since Microsoft began pushing Windows 10 on consumers and enterprise users, it has consistently worked towards minimizing the choices they can make about the installation. One …
Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Microsoft releases five critical updates
Microsoft continued a trend of fewer updates than we are used to with only 9 bulletins (5 critical and 4 important) released this month. It stands to reason that Microsoft may …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full …
UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments