Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not … [Read more...] about Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
windows
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Jun 08, 2024NewsroomVulnerability / Programming Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating … [Read more...] about New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
These Fake Antivirus Sites Spreading Android and Windows Malware
May 24, 2024NewsroomMalvertising / Endpoint Security Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory … [Read more...] about These Fake Antivirus Sites Spreading Android and Windows Malware
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware … [Read more...] about Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Jan 01, 2024NewsroomWindows Security / Vulnerability Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly … [Read more...] about New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Nov 09, 2023NewsroomEndpoint Security / Malware A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as … [Read more...] about New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
Jun 14, 2023Ravie LakshmananCyber Threat / Malware A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish this task, it searches for … [Read more...] about New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Apr 24, 2023Ravie LakshmananCyber Risk / Dark Web A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment … [Read more...] about New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Mar 27, 2023Ravie LakshmananPrivacy / Windows Security Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. The issue, dubbed aCropalypse, could enable malicious actors to recover edited portions of screenshots, potentially revealing sensitive information that may have been cropped … [Read more...] about Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
“Fobo” Trojan distributed as ChatGPT client for Windows
The golden rule — “if something is popular, criminals will exploit it” — strikes once again. This time, we’re talking about the trending ChatGPT chatbot, developed by OpenAI, which has been all over the news of late. A word about the popularity of ChatGPT When OpenAI opened access to its AI chatbot (that is, a chatbot based on neural networks trained on a vast corpus of text), … [Read more...] about “Fobo” Trojan distributed as ChatGPT client for Windows