Please turn on your JavaScript for this page to function normally.
Patch Tuesday
December 2024 Patch Tuesday forecast: The secure future initiative impact

December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost …

Godot game engine
Cybercriminals used a gaming engine to create undetectable malware loader

Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …

VPN
Researchers reveal exploitable flaws in corporate VPN clients

Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be …

backdoor
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege …

Windows Recall
Microsoft asks Windows Insiders to try out the controversial Recall feature

Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that …

Windows 11 security features
Microsoft announces new and improved Windows 11 security features

Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users …

Microsoft
Microsoft plans to limit security products’ access to Windows kernel mode

Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down …

Microsoft Windows
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky …

Patch Tuesday
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …

patch tuesday
November 2024 Patch Tuesday forecast: New servers arrive early

November 2024 Patch Tuesday is now live: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Microsoft followed their October precedent set with …

ransomware
GoZone ransomware accuses and threatens victims

A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …

Microsoft Windows
Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools