Microsoft Patch Tuesday Updates Fix Over 50 Vulnerabilities
Microsoft’s Patch Tuesday updates for July 2018 address more than 50 vulnerabilities, but none of them appear to have been exploited for malicious purposes before the fixes were released. The company has classified 18 of the flaws as critical and, similar to previous months, they mostly affect the Edge and Internet Explorer web browsers. Many…
Microsoft brings cloud security services to better protect Windows 10
Attackers regularly attempt to wiggle their way into your network and then try to cover their tracks. By the time you determine that someone has breached your network, the evidence of how they got in might have rolled off your log files. You would like to better understand how attackers can use lateral movement inside…
Windows Hello Face Recognition Tricked by Photo
The facial recognition-based authentication system in Windows Hello has been bypassed by researchers using a printed photo, but the method does not work in the latest versions of Windows 10. Windows Hello, a feature available in Windows 10, allows users to quickly and easily log into their devices using their face or fingerprints. The face…
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices. The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a…
Cybersecurity depends on partnership
In the world of cybersecurity, partnerships are of much importance. Cybersecurity companies partner among themselves to share data and help each other build stronger security solutions that can better protect their users. They also partner with law enforcement agencies to fight cybercrime. Partnerships with software developers are equally important, because security solutions have to work…
Fireball: Adware with potential nuclear consequences
Advertising can sometimes be annoying — and sometimes it can be malicious. Businesses that make their money selling advertisements sometimes go too far trying to make sure you see their ads. Recently researchers found that one such business — a big digital-marketing agency — went as far as installing adware on 250 million computers running…
Who are we kidding? WannaCry is not a first
On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that is believed to have caused the biggest attack of its kind ever recorded. The details of the attack are all being reported as we go, as security teams scramble…
Tens of thousands Windows systems implanted with NSA’s DoublePulsar
Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently…
CryptoSearch Lets Users Move Ransomware-Encrypted Files
Being hit by ransomware usually means that you no longer have access to your files unless you pay a ransom or find another way to decrypt them, but a newly released tool allows users to move encrypted files to a new location. Dubbed CryptoSearch, and still a beta release, the application is powered by the…
Is your Windows 10 migration strategy leaving you vulnerable?
Despite enhanced security being a key driver in the move to Windows 10, many organizations are putting their security at risk with their choice of migration strategy, according to new research by 1E. The report found that, by taking an in-place upgrade option, many organizations are missing the opportunity to enable advanced security features.