Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
info-stealer
Windows, macOS users targeted with crypto-and-info-stealing malware

Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of …

Patch Tuesday
December 2024 Patch Tuesday forecast: The secure future initiative impact

It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new …

Godot game engine
Cybercriminals used a gaming engine to create undetectable malware loader

Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …

VPN
Researchers reveal exploitable flaws in corporate VPN clients

Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be …

backdoor
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege …

Windows Recall
Microsoft asks Windows Insiders to try out the controversial Recall feature

Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that …

Windows 11 security features
Microsoft announces new and improved Windows 11 security features

Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users …

Microsoft
Microsoft plans to limit security products’ access to Windows kernel mode

Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down …

Microsoft Windows
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky …

Patch Tuesday
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …

patch tuesday
November 2024 Patch Tuesday forecast: New servers arrive early

November 2024 Patch Tuesday is now live: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Microsoft followed their October precedent set with …

ransomware
GoZone ransomware accuses and threatens victims

A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …

Don't miss

Cybersecurity news