Please turn on your JavaScript for this page to function normally.
Windows
Use Windows event logs for ransomware investigations, JPCERT/CC advises

The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs …

cloud
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. …

Microsoft Recall
Microsoft revised the controversial Copilot+ Recall feature

Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about …

Linux
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE

After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day …

Active Directory
Active Directory compromise: Cybersecurity agencies provide guidance

Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that …

Android
The number of Android memory safety vulnerabilities has tumbled, and here’s why

Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety …

SolarWinds Web Help Desk
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by …

Ivanti
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation …

truck
Transportation, logistics companies targeted with lures impersonating fleet management software

Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever …

Kaspersky
US-based Kaspersky users startled by unexpected UltraAV installation

A poorly executed “handover” of US-based Kaspersky customers has led some users to panic when software named UltraAV popped up on their computers without any …

Telegram
Telegram will share IP addresses, phone numbers of criminal suspects with cops

Telegram will start handing over the IP addresses and phone numbers of users who violate their Terms of Service “to relevant authorities in response to valid legal …

Windows Server
Windows Server 2025 gets hotpatching option, without reboots

Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools