Security News

Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
2023-06-07 18:29

Cisco has fixed a high-severity vulnerability found in Cisco Secure Client software that can let attackers escalate privileges to the SYSTEM account used by the operating system."An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process."

New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
2023-06-07 16:34

Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. According to multiple reports, the attack began when several CurseForge and Bukkit accounts were compromised and used to inject malicious code into plugins and mods, which were then adopted by popular modpacks such as 'Better Minecraft,' which has over 4.6 million downloads.

Windows 11 Moment 3 hands on, here's everything new
2023-06-04 21:47

Microsoft's Windows 11 Moment 3 update brings a range of new features and improvements, designed to enhance user experience. The Moment 3 update extends the live captions feature to additional languages, including Simplified and Traditional Chinese, French, German, Italian, Japanese, Portuguese, Spanish, Danish, Korean, and other English dialects.

Microsoft is killing Cortana on Windows starting late 2023
2023-06-02 21:53

After introducing a string of AI-powered assistants for its products, Microsoft has now announced that it will soon end support for the Windows standalone Cortana app. Initially introduced as part of the Windows Phone operating system, Cortana has since expanded to other platforms, including Windows 10, Android, and iOS. It's now deeply integrated into Microsoft's ecosystem and was designed to work closely with other Microsoft products.

Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards
2023-06-02 18:56

Researchers at firmware and supply-chain security company Ecylpsium claim to have found what they have rather dramtically dubbed a "Backdoor" in hundreds of motherboard models from well-known hardware maker Gigabyte. You can reinstall Windows at any time, and a standard Windows image doesn't know whether you're going to be using a Gigabyte motherboard or not, so it doesn't come with GigabyteUpdateService.

Windows 11 to require SMB signing to prevent NTLM relay attacks
2023-06-02 18:22

Microsoft says SMB signing will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build rolling out to Insiders in the Canary Channel. "This changes legacy behavior, where Windows 10 and 11 required SMB signing by default only when connecting to shares named SYSVOL and NETLOGON and where Active Directory domain controllers required SMB signing when any client connected to them," Microsoft said.

Windows 11 will let you view phone photos in File Explorer
2023-06-01 18:27

Microsoft is now rolling out a new Windows 11 dev build allowing Insiders to view their phone's camera roll in the File Explorer Gallery. Once the Windows 11 Insider Preview Build 23471 gets installed, they can add photos from their phone by clicking a new button added to the File Explorer's command bar.

Terminator antivirus killer is a vulnerable Windows driver in disguise
2023-05-31 19:25

After the malicious driver is written to the disk, Terminator loads it to use its kernel-level privileges to kill off the user-mode processes of AV and EDR software running on the device. While it is not clear how the Terminator program is interfacing with the driver, a PoC exploit was released in 2021 that exploits flaws in the driver to execute commands with Windows Kernel privileges, which could be used to terminate normally-protected security software processes.

Windows 11: Enforcing password resets for local group users
2023-05-30 21:13

One of these fundamental security procedures is the period resetting of a strong login password - a security task that users are understandably reluctant to participate in. In Windows 11, administrators of local user accounts can force members to reset their respective passwords on their next login by making a simple change on a specific configuration screen.

Lazarus hackers target Windows IIS web servers for initial access
2023-05-29 13:00

The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services web servers to gain initial access to corporate networks. The latest tactic of targeting Windows IIS servers was discovered by South Korean researchers at the AhnLab Security Emergency Response Center.