Security News

Microsoft announces Windows 11 ‘Moment 3’ update, here are the new features
2023-05-23 15:00

Microsoft has released the Windows 11 22H2 'Moment 3' update, bringing many new and long-awaited features to the operating system. Unlike its predecessor, Windows 10, which received two substantial feature updates annually, Windows 11 is slated to get only one major feature update per year.

Malicious Windows kernel drivers used in BlackCat ransomware attacks
2023-05-22 18:23

The ALPHV ransomware group was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks. The POORTRY malware is a Windows kernel driver signed using stolen keys belonging to legitimate accounts in Microsoft's Windows Hardware Developer Program.

Microsoft pulls Defender update fixing Windows LSA Protection bug
2023-05-17 18:12

Microsoft has pulled a recent Microsoft Defender update that was supposed to fix a known issue triggering persistent restart alerts and Windows Security warnings that Local Security Authority Protection is off. Microsoft acknowledged the issue on March 21, after widespread user reports regarding Windows 11 systems warning that LSA protection was off.

Microsoft investigates slow Windows VPN speeds after May updates
2023-05-16 22:14

Microsoft is investigating major speed issues affecting L2TP/IPsec VPN connections after installing recent Windows 11 updates. Based on reports seen by BleepinComputer since the updates have been available, both updates are triggering the L2TP/IPsec VPN speed issues after deployment.

VirusTotal AI code analysis expands Windows, Linux script support
2023-05-15 19:54

Google has added support for more scripting languages to VirusTotal Code Insight, a recently introduced artificial intelligence-based code analysis feature. While launched only with support for analyzing a subset of PowerShell files, Code Insight can now also spot malicious Batch, Command Prompt, Shell, and VBScript scripts.

How cyberstalkers could access your iPhone using the Windows Phone Link app
2023-05-12 20:41

A Microsoft app that helps people use their Windows PC and iPhone or Android phone in tandem could also be abused by cyberstalkers to snoop on personal information. In a report released Thursday, software maker Certo explains how Microsoft's Phone Link app could be used against iPhone owners and how they can protect themselves against this type of threat.

Fake in-browser Windows updates push Aurora info-stealer malware
2023-05-10 18:23

A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware. Written in Golang, Aurora has been available on various hacker forums for more than a year, advertised as an info stealer with extensive capabilities and low antivirus detection.

Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
2023-05-10 14:23

The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass. Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.

Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
2023-05-09 23:15

Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants. The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.

Windows 11 KB5026372 cumulative update released with 20 changes
2023-05-09 18:24

Microsoft has released the Windows 11 22H2 KB5026372 cumulative update to fix security vulnerabilities and introduce 20 changes, improvements, and bug fixes. KB5026372 is a mandatory Windows 11 cumulative update containing the May 2023 Patch Tuesday security updates that fix 38 vulnerabilities and three zero-days in various Microsoft products.