Windows Archives - Page 5 of 8 - Cyber Security Minute

Malware & Threats, Network Security, Software Security

Enterprise Windows Threats Drop as Mac Attacks Rise: Report

Issued by: Dark Reading

Just as the COVID-19 pandemic changed the way we live and work, malware operators changed the way they attack enterprise targets. Last year businesses saw Windows malware detections drop and Mac detections rise as criminals tossed old tactics and focused on targeted attacks. In the “2020 State of Malware” report, Malwarebytes researchers explore how attack…

Network Security, Software Security

What you need to know about changes to Microsoft’s Security Update Guide

Issued by: CSO

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score…

Software Security

How to block malicious JavaScript files in Windows environments

Issued by: CSO

There have been several recent reports of fake updaters that spoof Google Chrome, Mozilla Firefox, and Internet Explorer landing pages. When the user clicks on the upgrade option, a JavaScript file is downloaded and executes malware. You have several options to block or change the default behavior to better protect workstations. Block JavaScript at the…

Software Security

Mac Attackers Remain Focused Mainly on Adware, Fooling Users

Issued by: Dark Reading

The year 2020 kicked off with reports that Mac cyber threats had taken off, with machines encountering twice as many threats as Windows systems. But as the year came to a close, the average user of the Mac OS continued to see fewer malware and ransomware threats than Windows users, security experts say. In February…

Vulnerabilities

How to protect backups from ransomware

Issued by: CSO

Despite a recent decline in attacks, ransomware still poses significant threats to enterprises, as the attacks against healthcare organizations demonstrated this month. It is also becoming more capable. In particular, ransomware writers are aware that backups are an effective defense and are modifying their malware to track down and eliminate the backups. Ransomware targeting backups…

Network Security

The Windows Bad Neighbor vulnerability explained — and how to protect your network

Issued by: CSO

In October 2020, Microsoft patched a set of vulnerabilities that included critical networking bugs CVE-2020-16898 and CVE-2020-16899. Known as “Bad Neighbor” or “Ping of Death Redux,” these flaws lurk in the TCP/IP networking implementation in Windows in how incoming ICMPv6 packets are handled under certain conditions. Both CVE-2020-16898 and CVE-2020-16899 represent the Bad Neighbor vulnerability,…

Malware & Threats

Elusive hacker-for-hire group Bahamut linked to historical attack campaigns

Issued by: CSO

Attack attribution is one of the most difficult aspects of malware research and it’s not uncommon for different security companies to attribute attack campaigns to different threat actors only to later discover that they were the work of the same group. However, a new paper by researchers at Blackberry stands out by exposing an elusive…

Software Security

Offensive Security releases Win-KeX 2.0, packed with new features

Issued by: Help Net Security

Win-KeX provides a Kali Desktop Experience for Windows Subsystem for Linux (WSL 2), and version 2.0 comes with useful features. Win-KeX 2.0 features Win-KeX SL (Seamless Edition) – no more borders Sound support Multi-session support KeX sessions can be run as root Able to launch “kex” from anywhere – no more cd-ing into the Kali…

Software Security

How to optimize Windows event logging to better investigate attacks

Issued by: CSO

After a compromise, the first thing investigators will do is review the log files. The default logging on Windows machines, however, does not capture enough information to identify forensic artifacts. You can adjust your logging settings to get enough information to investigate attacks. First, download and install Sysmon on outward-facing machines. Sysmon remains resident across…

Vulnerabilities

How to secure vulnerable printers on a Windows network

Issued by: CSO

At the recent Black Hat conference, Peleg Hadar and Tumar Bar of SafeBreach Labs pointed out that the way to a network’s heart is often through its printers. In 2010, one of the vulnerabilities Stuxnet used was a remote code execution on a computer with printer sharing enabled. To reach Iran’s centrifuges, Stuxnet exploited a…