Security News > 2024 > November

​Microsoft is now testing WebAuthn API updates that add support for support for using third-party passkey providers for Windows 11 passwordless authentication. [...]

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. [...]

Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active...

The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a...

He'll just have to take this one on the chin The website of self-proclaimed misogynist and alleged sex trafficker and rapist Andrew Tate has been compromised and data on its paying subscribers stolen.…

Microsoft has released the optional KB5046714 Preview cumulative update for Windows 10 22H2 with six bug fixes, including a fix for a bug preventing users from uninstalling or updating packaged...

Lots of details that are beyond me. Blog moderation policy.

PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The...

​QNAP has pulled a recently released firmware update after widespread customer reports that it's breaking connectivity and, in some cases, locking users out of their devices. [...]

Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique...