Security News

Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Proactive cybersecurity: A strategic approach to cost efficiency and crisis managementIn this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of complex cyberattacks and the role of the zero-trust model.

Free unofficial patches are available for a new Windows zero-day flaw dubbed EventLogCrasher that lets attackers remotely crash the Event Log service on devices within the same Windows domain.While Microsoft didn't provide more details regarding the 2022 vulnerability, software company Varonis disclosed a similar flaw dubbed LogCrusher that can be exploited by any domain user to remotely crash the Event Log service on Windows machines across the domain.

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported versions of Windows could spell trouble for enterprise defenders. "I have only tested the whole thing a few times in a domain network consisting of a Windows 10 machine and a Windows Server 2022 domain controller. I was able to crash the event log service of the domain controller as an unprivileged user from the Windows 10 machine, and that was about it."

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the...

Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on...

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.

Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. "If you have a recent Windows Server insider build installed, you can now go to Windows Update in Settings app, and check for updates. This will bring you a newer build, as a Feature update," said Microsoft software engineer Artem Pronichkin.

Microsoft released the January 2024 preview update for Windows 11 versions 22H2 and 23H2, which comes with Bluetooth audio bug fixes and addresses 24 known issues. Tracked as KB5034204, this monthly non-security optional cumulative update will enable Windows admins to test improvements and fixes that will be pushed to all customers with the forthcoming February 2024 Patch Tuesday release.

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation tool to validate Windows installations for deployment after installing recent Windows 10 updates. Sysprep helps prepare Windows client or Windows Server installations for imaging and deployment on any system by removing computer-specific information such as installed drivers and the computer security identifier.

Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act compliance in the European Economic Area to allow European users to uninstall all apps in Windows by March 6. The KB5034203 is a monthly non-security optional cumulative update that enables Windows administrators to try out fixes and improvements that will come with the February 2024 Patch Tuesday release.