Microsoft patches Windows, IE, Office, SharePoint
This month Microsoft has released 14 new bulletins, 5 of which are rated as Critical, 9 as Important. As a déjà vu from last month, a critical remote code execution …
Windows 10 will offer password-free authentication
The upcoming Windows 10 will offer more authentication options instead of just passwords, Dustin Ingalls, Group Program Manager for Windows Security & Identity, has …
Beware of fake Windows 10 “activators”
The considerable interest users have shown for testing Microsoft’s Windows 10 Technical Preview version has not passed unnoticed by cyber scammers and malware peddlers. …
Attackers can bypass Windows’ protections by changing a single bit
Among the many vulnerabilities that Microsoft patched on Tuesday is one that can be exploited to bypass all Windows security measures by, curiously enough, modifying a single …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
APT players lack deep skills of exploitation, fail at QA
Advanced Persistent Threat (APT) actors are generally considered to be among the most sophisticated cyber exploiters out there. But is this perception correct? Gabor …
Microsoft releases Sysmon 2.0
Sysmon is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows …
Unfazed by Microsoft’s criticism, Google discloses another Windows 8.1 flaw
Google apparently has no mercy for Microsoft’s developers, and is determined to stick to its 90-day deadline for fixing software flaws, as it publicly released details …
Microsoft released seven advisories, three are critical
December’s Patch Tuesday brings us seven advisories, three of which are listed as Critical. Depending on how you want to count it, we see a total of 24 or 25 CVEs …
Detekt government surveillance spyware on your computer
Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International have partnered to create and release a free and open source tool for …
Mobile Pwn2Own 2014: Windows Phone’s sandbox resists attack
The Mobile Pwn2Own 2014 hacking competition, held at the PacSec Applied Security Conference in Tokyo, Japan, was concluded on Thursday, and not one of the targeted phones has …
Latest Microsoft patches crucial for all Windows users
Microsoft has closed a great many flaws, including a 0-day abused by the Sandworm team, in November’s Patch Tuesday. But there is another vulnerability that you should …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)