microsoft
Embargo ransomware escalates attacks to cloud environments
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. The threat actor first emerged in 2021 as a ransomware affiliate for the Sabbath ransomware operation. Later they started to deploy file-encrypting malware from Hive, BlackCat, LockBit, and Hunters International gangs. […]
Windows 10 KB5043131 update released with 9 changes and fixes
Microsoft has released the September 2024 non-security preview update for Windows 10, version 22H2, with fixes for bugs causing Edge web browser freezes and media playback issues. Today’s optional cumulative update (KB5043131) is a maintenance release designed to allow Windows administrators to test fixes and improvements. This will ensure a more reliable user experience when […]
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed “Windows MSHTML spoofing vulnerability” tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When first disclosed as part of the September 2024 Patch Tuesday, Microsoft had not marked the vulnerability as previously exploited. However, on Friday, Microsoft updated the CVE-2024-43461 advisory to indicate it […]
Windows Downdate tool lets you ‘unpatch’ Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, and Windows Server systems. In such attacks, threat actors force up-to-date targeted devices to revert to older software versions, thus reintroducing security vulnerabilities that can be exploited to compromise […]
Microsoft Sway abused in massive QR code phishing campaign
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. The attacks were spotted by Netskope Threat Labs in July 2024 after detecting a dramatic 2,000-fold increase in attacks exploiting Microsoft Sway to host phishing […]
Microsoft confirms August updates break Linux boot in dual-boot systems
Microsoft has confirmed the August 2024 Windows security updates are causing Linux booting issues on dual-boot systems with Secure Boot enabled. The issue is caused by a Secure Boot Advanced Targeting (SBAT) update applied to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability. “Resulting from this issue, your device might fail to boot […]
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university’s Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). CVE-2024-4577 is a critical PHP-CGI argument injection flaw patched in June that impacts PHP installations running on Windows systems with PHP running in CGI mode. It allows unauthenticated attackers […]
Windows 11 preview update adds new Power mode options
Windows 11 Build 27686 has a few noteworthy improvements, such as 2TB support for FAT32 storage. It also improves Windows Sandbox and offers greater control over HDR settings, but there’s an undocumented change – the ability to set power mode for different power states. As shown in the screenshot below, Windows 11 will finally let you set different power modes […]
Windows 11 will give you greater control over HDR features
Microsoft has released Windows 11 Build 27686 with some hidden HDR-related changes. As noticed by Phantom on X, one of the hidden features is the ability to “allow HDR video streaming even when HDR is off.” As the name suggests, this basically allows you to stream HDR content without enabling HDR for the entire system. Additionally, the “HDR video […]
Microsoft disables BitLocker security fix, advises manual mitigation
Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can let attackers bypass the BitLocker Device Encryption feature and access encrypted data with physical access to the targeted […]