VirLocker ransomware is back, but can be defeated
VirLocker (aka VirLock, aka VirRansom) is a virulent piece of machine-locking ransomware that has been around for quite some time. It’s actually quite a surprise that it …
Is your Windows 10 migration strategy leaving you vulnerable?
Despite enhanced security being a key driver in the move to Windows 10, many organizations are putting their security at risk with their choice of migration strategy, …
Malvertising campaign compromises routers instead of computers
The DNSChanger exploit kit is back and more effective than ever, and is being used in a widespread malvertising attack whose goal is to compromise small/home office routers. …
Researchers identify domain-level service credential exploit
CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard …
Pawn Storm raced to pop many targets before Windows zero-day patch release
As promised, Microsoft provided this Tuesday a patch for the Windows zero-day (CVE-2016-7855) actively exploited by the Strontium (aka Pawn Storm) cyber espionage hacking …
Microsoft extends support for EMET, but its days are numbered
The days of EMET, Microsoft’s Enhanced Mitigation Experience Toolkit for Windows, are numbered. Although, the company has listened to the customers’ pleas, and is …
Post-pumpkin Patch Tuesday: What’s in store for November
There has been a lot of activity since October’s Patch Tuesday. During that short period of time, Oracle released its quarterly CPU, including an update for Java JRE; Adobe …
Latest Windows zero-day exploited by DNC hackers
Due to Google’s public release of information about an actively exploited Windows zero-day, Microsoft was forced to offer its own view of things and more information …
65% of Windows devices still running Windows 7, released in 2009
To analyze the current state of device security, Duo Security analyzed more than two million devices, 63 percent of which were running Microsoft operating systems. Seriously …
Google warns of actively exploited Windows zero-day
Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7255) that is being actively exploited in the wild. According to Neel Mehta and …
New code injection attack works on all Windows versions
Researchers from security outfit enSilo have uncovered a new code injection technique that can be leveraged against all Windows versions without triggering current security …
Review: IS Decisions UserLock
According to a Rapid7 survey, 90% of organizations are worried about compromised credentials and around 60% say they cannot catch these types of attacks. French IT security …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)