Security News

Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it in a public preview on Copilot+ PCs. Initially slated for release in a public preview on June 18 with the arrival of the new Copilot+ AI PCs, the company now says they are delaying its release by making it first available for preview with Windows Insiders. "Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program in the coming weeks," reads an update to a recent Windows Recall blog post.

Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an...

A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was...

A new phishing campaign uses HTML attachments that abuse the Windows search protocol to push batch files hosted on remote servers that deliver malware. The Windows Search protocol is a Uniform Resource Identifier that enables applications to open Windows Explorer to perform searches using specific parameters.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support. DirectAccess is a bidirectional remote access technology introduced by Microsoft in Windows 7 and Windows Server 2008 R2, providing domain-joined remote users an "Always on" connection to internal corporate networks without using VPN connections.

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new...

The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability as a zero-day before a fix was made available. A report by Symantec says that CVE-2024-26169 has been actively exploited by the Cardinal cybercrime group, the operators of the Black Basta gang, noting that there's a good chance it was leveraged as a zero-day.

Patch Tuesday Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products - including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed. It could allow a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted malicious MSMQ packet to a vulnerable Windows system, such as a Windows Server box.

Microsoft has released the Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 cumulative updates with security fixes and fixes for a variety of bugs. These updates are mandatory as they are part of Microsoft's June 2024 Patch Tuesday and contain security updates for 51 vulnerabilities.