Experimental News Clipping Site

Tag: Microsoft Windows

  • The Register: VanHelsing ransomware emerges to put a stake through your Windows heart

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/25/vanhelsing_ransomware_russia/ Source: The Register Title: VanHelsing ransomware emerges to put a stake through your Windows heart Feedly Summary: There’s only one rule – don’t attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But…

  • Krebs on Security: ClickFix: How to Infect Your PC in Three Easy Steps

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/03/clickfix-how-to-infect-your-pc-in-three-easy-steps/ Source: Krebs on Security Title: ClickFix: How to Infect Your PC in Three Easy Steps Feedly Summary: A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from…

  • Alerts: CISA Adds Six Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/03/11/cisa-adds-six-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Six Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability CVE-2025-24984 Microsoft Windows NTFS Information Disclosure Vulnerability CVE-2025-24985 Microsoft Windows Fast FAT File System Driver Integer…

  • Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/03/03/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118 Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability CVE-2022-43769 Hitachi Vantara Pentaho BA Server…

  • Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2025-21418 Microsoft Windows Ancillary Function Driver for…

  • The Register: AWS adds 32-vCPU option and an easier on-ramp to its cloudy desktops

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/17/aws_workspaces_upgrades/ Source: The Register Title: AWS adds 32-vCPU option and an easier on-ramp to its cloudy desktops Feedly Summary: Weirdly, this shows the weakness of hosted Windows with an admission about vidchats Amazon Web Services has flicked the switch on a pair of workstation-grade cloud desktops that, ironically, highlight a problem with the…

  • Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/01/14/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability CVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability CVE-2025-21334 Microsoft Windows Hyper-V NT…

  • The Register: Europe coughs up €400 to punter after breaking its own GDPR data protection rules

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/13/data_broker_hacked/ Source: The Register Title: Europe coughs up €400 to punter after breaking its own GDPR data protection rules Feedly Summary: PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more Infosec in brief Gravy Analytics, a vendor of location intelligence info…

  • Hacker News: WorstFit: Unveiling Hidden Transformers in Windows ANSI

    by

    Kurt Seifried
    in

    Source URL: https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/ Source: Hacker News Title: WorstFit: Unveiling Hidden Transformers in Windows ANSI Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a novel security vulnerability termed “WorstFit” that exploits Microsoft Windows’ character encoding and conversion mechanisms, particularly its Best-Fit behavior, leading to various forms of attacks including Remote Code Execution…