Security News

The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and...

Flaw Could Cause Denial-of-Service Event in Windows Fleet, Researcher ClaimsA Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in...

The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow...

The two CVEs allow bypasses to get around NTLM relay attack mitigations.

Microsoft wants to make its Windows platform passwordless and the latest Windows 10 release marks one step closer to that goal. read more

SandboxEscaper is back, with a second bypass for the recent CVE-2019-0841 Windows patch.

An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege...

Changing passwords frequently is not only a pain, but also unsafe, according to Microsoft. Here's why the company's decision to remove password expirations is a good one.

Meanwhile, NSA Issues Alert Stressing Urgency of PatchingA security researcher has posted a demonstration showing how an attacker could exploit the BlueKeep vulnerability to take over a Windows...

Researchers have found an unexpected behavior in a Windows feature designed to protect remote sessions.