Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Microsoft Windows
Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …

patching
Enhancing security through proactive patch management

Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues …

patch tuesday
February 2024 Patch Tuesday forecast: Zero days are back and a new server too

UPDATE: February 13, 14:55 ET – February 2024 Patch Tuesday is live. January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs …

Windows
A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for …

micropatches
Micropatches: What they are and how they work

In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or …

biohazard
Qbot – known channel for ransomware – delivered via phishing and Follina exploit

More than a week has passed since Microsoft acknowledged the existence of the “Follina” vulnerability (CVE-2022-30190), after reports of it being exploited in the …

Microsoft
Attackers are leveraging Follina. What can you do?

As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a …

Zoom
Zoom zero-day flaw allows code execution on victim’s Windows machine

A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …

patch
Micropatches block exploitation of Windows zero-days under attack

While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS …

email
Malware peddlers hit Office users with old but reliable exploit

Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …

AlgoSec CloudFlow
New infosec products of the week: April 5, 2019

Free cybersecurity threat assessment for midsize and large organizations Cynet unveiled the Cynet Threat Assessment program. The free offering for organizations with 500 or …

0patch PRO simplifies Windows security patching

ACROS Security, a globally recognized provider of security micropatches, launched 0patch PRO, a service that simplifies security patching on Windows platform for Enterprises …

Don't miss

Cybersecurity news