Search Results for: Microsoft
Google fixes ninth Chrome zero-day exploited in attacks this year
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability tagged as exploited in attacks. “Google is aware that an exploit for CVE-2024-7971 exists in the wild,” the company said in an advisory published on Wednesday. This high-severity zero-day vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine. Security researchers with […]
New Windows updates break dual boot on some Linux systems
According to user reports following this month’s Patch Tuesday, the August 2024 Windows updates are breaking dual boot on Linux systems with Secure Boot enabled. This issue is caused by Microsoft’s decision to apply a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability, which could […]
US warns of Iranian hackers escalating influence operations
The U.S. government is warning of increased effort from Iran to influence upcoming elections through cyber operations targeting Presidential campaigns and the American public. In a joint statement from the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. says that Iran carried out cyberattacks […]
Windows driver zero-day exploited by Lazarus hackers to install rootkit
The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. Microsoft fixed the flaw, tracked as CVE-2024-38193, during its August 2024 Patch Tuesday, along with seven other zero-day vulnerabilities. CVE-2024-38193 is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability in the Windows Ancillary Function […]
Windows 11 preview update adds new Power mode options
Windows 11 Build 27686 has a few noteworthy improvements, such as 2TB support for FAT32 storage. It also improves Windows Sandbox and offers greater control over HDR settings, but there’s an undocumented change – the ability to set power mode for different power states. As shown in the screenshot below, Windows 11 will finally let you set different power modes […]
New Mad Liberator gang uses fake Windows update screen to hide data theft
A new data extortion group tracked as Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to distract while exfiltrating data from the target device. The operation emerged in July and although researchers observing the activity did not see any incidents involving data encryption, the gang notes on their data leak […]
Windows 11 will give you greater control over HDR features
Microsoft has released Windows 11 Build 27686 with some hidden HDR-related changes. As noticed by Phantom on X, one of the hidden features is the ability to “allow HDR video streaming even when HDR is off.” As the name suggests, this basically allows you to stream HDR content without enabling HDR for the entire system. Additionally, the “HDR video […]
Ransomware gang deploys new malware to kill security software
RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security […]
Guide to the Best Laptops for Kids in School
Choosing the right laptop for a student can be challenging. There are plenty of options available, so it’s important to consider the student’s age, grade level, and specific needs when making a decision. This article offers personalized laptop recommendations for students in elementary, middle, and high school. It’s essential to ensure that each student has […]
GitHub Actions artifacts found leaking auth tokens in popular projects
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42 […]