Security News

June's Patch Tuesday reveals 23 ways to remotely pwn Windows – and over 100 more bugs that could ruin your day
2020-06-09 21:28

The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. One of the bugs that was of particular interest to researchers was CVE-2020-1299, a remote code execution issue that arises when trying to load Windows shortcut files.

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol
2020-06-09 20:44

Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "wormable" bug, the flaw can be exploited to achieve remote code execution. The newly discovered vulnerability impacts Windows 10 versions 1903 and 1909, for which Microsoft today released security patches as part of its monthly Patch Tuesday updates for June.

PoC RCE exploit for SMBGhost Windows flaw released
2020-06-08 10:05

A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous
2020-06-05 09:29

The application is free and open source, but he still has to pay for a code-signing certificate to avoid potential users being put off by warnings when they try to download and install. Warning or preventing users from installing unverified applications is commonplace in today's operating systems, but does Windows go too far? We counted seven steps needed to download and install the open-source audio package Ardour 6, which is both unsigned and newly released, using the latest Edge and Windows 10.

This new ransomware targets Windows and Linux in surprising ways
2020-06-04 15:00

Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG. Cybercriminals are always looking for new tricks and techniques to target potential victims without being caught. That's especially true of ransomware attackers who need to stealthily invade an organization's network to encrypt the sensitive files they plan to hold hostage.

Week in review: Windows RDP backdoor, GDPR enforcement, application threats and security trends
2020-05-31 07:00

Application threats and security trends you need to know about: Applications are a gateway to valuable data, so it's no wonder they are one of attackers' preferred targets.
C-suite execs often pressure IT teams to make security exceptions for them: The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols - despite also being highly targeted by malicious cyberattacks, according to MobileIron.

Windows 10 adds new security and privacy features in May update
2020-05-29 10:15

Windows 10 release 2004 is out, with a slew of new features. In Windows 10 1903, Microsoft launched the Windows Sandbox, a lightweight desktop environment that isolates anything you run in it and wipes all its files when you close it down.

New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
2020-05-28 12:09

With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. "USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems, one bug in FreeBSD, three in macOS, and four in Windows 8 and Windows 10, and one bug in the Linux USB host controller driver and another one in a USB camera driver," Hui Peng and Mathias Payer explained.

Microsoft blocks Trend Micro code at center of driver 'cheatware' storm from Windows 10, rootkit detector product pulled from site
2020-05-27 07:14

Microsoft has blocked a Trend Micro driver from running on Windows 10 - and Trend has withdrawn downloads of its rootkit detector that uses the driver - after the code appeared to game Redmond's QA tests. We note that while the driver appears in other Trend Micro products, they may not necessarily be using the now-blocked driver, or may have received a suitable hot fix, and thus will continue working on Windows 10 20H1. Trend Micro has ignored our repeated requests for an explanation as to why its software altered its operation specifically while under test, though it insisted "At no time was the Trend Micro team avoiding certification requirements." A spokesperson for Trend was not available for immediate comment on the move to block the driver on Windows 10.
