Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Windows
Microsoft will start removing legacy drivers from Windows Update

Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has …

North Korea
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)

CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ …

malware
Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET …

printer
Microsoft is working on a more secure print system for Windows

After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting …

Qualcomm
Qualcomm patches 3 actively exploited zero-days

Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities …

patch tuesday
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

patch Tuesday
Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)

It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by …

bomb
Delivering vulnerable signed kernel drivers remains popular among attackers

ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to …

Intel processor
Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks

Intel’s Patch Tuesday releases are rarely so salient as those pushed out this month: the semiconductor chip manufacturer has patched a slew of high-profile …

Windows
Researchers discover 40+ insecure drivers for Windows

Spurred by several past instances of attackers abusing device drivers to install a kernel rootkit or malicious firmware implants, Eclypsium researchers have decided to probe …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools