14 Nov 2019

Microsoft Patches RCE Bug Actively Under Attack

Microsoft has patched 74 bugs, one under active attack, as part of the Patch Tuesday security roundup. In Internet Explorer, the previously vulnerable Microsoft bug allows attackers to execute rogue code if a user opens a malicious web page of Office document, permitting the attacker to gain control of the

Read More
05 Nov 2019

Employees know vulnerabilities exist, but they can’t resolve them quickly enough

Just over half (52%) of organizations need between 1 day and a week to address a newly discovered vulnerability in their environment, while 22% require a month or longer, a new report by Adaptiva shows. Only about one in four firms (26%) is capable of remediating flaws within 24 hours

Read More
23 Oct 2019

Outdated OSs Still Present in Many Industrial Organizations: Report

Systems running outdated Windows versions are present on 62% of industrial networks, although that number is 71% if Windows 7 is taken into account, a new report by CyberX shows. Microsoft will stop supporting Windows 7 in January of next year. Suspicious activity was detected on 22% of networks. Examples

Read More
21 Oct 2019

Microsoft cautions against installing the latest Windows 10 update

Microsoft is urging enterprise customers not to install the most recent Windows 10 update because it may cause the Microsoft Defender Advanced Threat Protection (ATP) service to stop working. Microsoft Defender ATP is a paid service for enterprise customers not related to Windows Defender for the Home and Pro operating

Read More
11 Oct 2019

Flaw in iTunes for Windows Abused for Ransomware Attacks

Security researchers with Morphisec are warning the BitPaymer ransomware actors have been exploiting a security flaw in the Bonjour updater for the Windows version of Apple iTunes in order to avoid detection by anti-malware solutions on targeted systems. Bonjour contains an “unquoted path vulnerability,” that can enable threat actors to

Read More
30 Sep 2019

Microsoft uncovers Nodersok malware that turns PCs into zombie proxies

Microsoft is warning that thousands of computers running Windows have been turned into zombie proxies by Nodersok, a new type of fileless malware. Since July of this year, threat actors have been distributing the malware via online ads that trigger the execution of various malicious files and scripts, which eventually

Read More
26 Sep 2019

Hackers Replace Windows Narrator to Get SYSTEM Level Access

Researchers with Cylance have uncovered a new hacking campaign that takes advantage of the Windows Narrator app that users can launch from the logon screen before they have entered their credentials. The attackers, who are believed to be operating from China, have developed a malicious version of the app that

Read More
19 Sep 2019

Windows Defender malware scans are failing after a few seconds

The latest version of Windows Defender, the built-in anti-malware solution of Windows 10, is affected by a bug that causes Quick or Full scans to stop running after inspecting only a few files. The flaw is the result of a recent patch issued by Microsoft to solve another issue. It

Read More
28 Aug 2019

Nearly Half of SMBs, Enterprises Still Using Windows 7: Kaspersky

Almost half of small to mid-sized businesses (SMBs) still use Windows 7, even though Microsoft will stop extended support for this operating system in January of next year (regular support ended in 2015.) In addition, 5% use Windows 8.1, which is receiving extended support until 2023, and 0.4% use Windows

Read More
03 Jun 2019

Microsoft issues second warning about patching BlueKeep as PoC code goes public

For the second time in a very short period, Microsoft has issued a warning urging organizations to install a security patch for the highly critical BlueKeep security flaw that impacts Remote Desktop Protocol (RDP) implementations on older Windows operating systems. The vulnerability, tracked as CVE-2019-0708, could be used by threat

Read More