Will Dormann

Cisco details a hacking campaign that penetrated multiple governments' networks using two zero-day flaws in its VPN and firewall Adaptive Security Appliances

Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak

Microsoft disables Windows App Installer's ms-appinstaller after the URI scheme was used to spread malware; Microsoft disabled and re-enabled the scheme in 2022

While I was there this was used to deliver malware and had no basic security thought put into it, so they disabled the feature.  —  After I left they reenabled it, it got misused f...

Intel patches a bug affecting virtually all modern Intel CPUs that lets code running inside a VM crash hypervisors, a risk to cloud providers in particular

Among other things, bug allows code running inside a VM to crash hypervisors.  —  Intel on Tuesday pushed microcode updates to fix …

Google says North Korea-backed hackers are again targeting security researchers via a zero-day exploit; this still unfixed flaw is in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package.  —  North Korea-backed hackers …

Google says North Korea-backed hackers are again targeting security researchers via a zero-day exploit; this still unfixed flaw is in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package.  —  North Korea-backed hackers …

Google says North Korea-backed hackers are targeting security researchers with an exploit using a currently unfixed zero-day flaw in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package.  —  North Korea-backed hackers …

Google says North Korea-backed hackers are targeting security researchers with an exploit using a currently unfixed zero-day flaw in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package.  —  North Korea-backed hackers …

Google has been rolling out Chrome's “Enhanced Ad Privacy” via a popup, part of its Topics API; some say the “Got It” button is misleading as tracking is active

YMMV, based on where you are  —  Google has been gradually rolling out Chrome's “Enhanced Ad Privacy.”

X added five-second delays, some now removed, on t.co links to Instagram, Facebook, Threads, Bluesky, Substack, the NYT, Reuters, and other sites Musk attacks

The site formerly known as Twitter has added a five-second delay when a user clicks on a shortened link to the New York Times …

Microsoft admits Windows was not properly downloading and applying updates to the driver blocklist designed to thwart “bring your own vulnerable driver” attacks

Microsoft said Windows automatically blocked dangerous drivers.  It didn't.  —  For almost two years …

Plex tells users to reset passwords immediately after a hacker accessed some data, including emails, usernames, and encrypted passwords

is your credit card info exposed, too? Nathan Wasson / HotHardware : Plex Users Should Reset Their Login Information ASAP Due To Alarming Data Breach Rob Thubron / TechSpot : Plex ...

Microsoft and CISA warn users about DogWalk, a now-patched actively exploited RCE vulnerability in Windows 7, 10, 11, and Server 2008 through 2022

Microsoft and CISA warn users about DogWalk, a now-patched actively exploited RCE vulnerability in Windows 7, 10, 11, and Server 2008 through 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitatio...

F5 disclosed and patched an actively exploited critical bug last week in its BIG-IP products that act as load balancers and firewalls within enterprise networks

Flaw in widely used gear from F5 executes root commands, no password necessary.  —  Researchers are marveling at the scope …

F5 disclosed and patched an actively exploited critical bug last week in its BIG-IP products that act as load balancers and firewalls within enterprise networks

Flaw in widely used gear from F5 executes root commands, no password necessary.  —  Researchers are marveling at the scope …

Researchers detail two new local privilege escalation vulnerabilities, one in recent builds of Windows 10 and the preview of Windows 11, and the other in Linux

Both OSes have flaws that allow attackers with a toehold to elevate access.  —  The world woke up on Tuesday to two new vulnerabilities … Source: US-CERT , Qualys Security Blog , a...

In a post on the REvil dark web blog, the gang takes credit for the Kaseya attack, claims it infected 1M+ systems, and demands $70M in bitcoin for the decryptor

and Kaseya's $70M REvil demand Usama Jawad / Neowin : Ransomware group demands $70 million in Bitcoin for “universal decryptor” Gavin Phillips / MUO : Ransomware Group Demands $70m...

Microsoft is planning to fix a Windows 10 vulnerability that could corrupt a NTFS-formatted hard drive simply by viewing a folder with a malicious shortcut

A bizarre Windows bug for 2021  —  Microsoft says it's planning to fix a bizarre Windows 10 bug that could corrupt a hard drive just by looking at an icon.

Microsoft is planning to fix a Windows 10 vulnerability that could corrupt a NTFS-formatted hard drive simply by viewing a folder with a malicious shortcut

A bizarre Windows bug for 2021  —  Microsoft says it's planning to fix a bizarre Windows 10 bug that could corrupt a hard drive just by looking at an icon.

Microsoft is planning to fix a Windows 10 vulnerability that could corrupt a NTFS-formatted hard drive simply by viewing a folder with a malicious shortcut

A bizarre Windows bug for 2021  —  Microsoft says it's planning to fix a bizarre Windows 10 bug that could corrupt a hard drive just by looking at an icon.