Microsoft's Windows Defender Advanced Threat Hunting team works to track down and identify hacking groups that perpetrate attacks. The focus is on the groups that are the most selective about their targets and that work the hardest to stay undetected. The company wrote about one particular group that it has named PLATINUM.
The unknown group has been attacking targets in South East Asia since at least 2009, with Malaysia being its biggest victim, with just over half the attacks, and Indonesia in second place. Almost half of the attacks were aimed at government organizations of some kind and a further quarter of the attacks were aimed at ISPs.
For years, business-focused versions of Windows have had an AppLocker feature that lets you blacklist or whitelist apps. It's undoubtedly helpful for companies eager to keep malware or just risky software off their network.
A researcher in Colorado has discovered a feature in Regsvr32 that allows an attacker to bypass application whitelisting protections, such as those afforded by Microsoft's AppLocker. If the technique is used, there's little evidence left behind for investigators, as the process doesn't alter the system registry and in some cases comes across as normal Internet Explorer traffic.
Security researchers have discovered a nasty security vulnerability that is said to affect almost every version of Windows and Samba, the Samba development team announced Tuesday.
So, Save the Date if you are a Windows or Samba file server administrator. Samba is a free, open source implementation of the SMB/CIFS network file sharing protocol that runs on the majority of operating systems available today, including Windows, UNIX, Linux, IBM System 390, and OpenVMS. Dubbed Badlock, the vulnerability has been discovered by Stefan Metzmacher, a developer on the Samba Core Team.
Myth: Disabling all privacy-compromising and telemetry features on Windows 10 will stop Microsoft from tracking your activities. Fact: Even after all telemetry features are disabled, Windows 10 is phoning home more than you could ever think of.
Ever since the launch of Microsoft's newest operating system, Windows 10 is believed to be spying on its users. I wrote a number of articles to raise concern about Windows 10 privacy issues. The only solution believed to cope with these issues is to disable all the telemetry features or use an automated tool to disable all privacy-infringing features in just one click.
One of a heaping collection of critical bug fixes pushed out by Microsoft was an update to the Microsoft Office suite designed to close a vulnerability that would allow an attacker to sneak past Outlook's security features.
While the patch addressed multiple vulnerabilities in the way Office manages objects in memory, the most severe of them allows for remote code execution through a "specially crafted Microsoft Office file," Microsoft reported. The vulnerability allows a crafted attachment to an e-mail to bypass Outlook's layers of security by exploiting Office's Object Linking and Embedding capabilities and Outlook's Transport Neutral Encapsulation Format.
You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler, which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease.
Many poorly-secured websites are targeting Windows users with a new "Cocktail" of malware that steals users' passwords before locking them out from their machines for ransom. Yes, stealing Windows users' passwords before encrypting their data and locking their PCs for ransom makes this upgrade to the Angler Exploit Kit nastier. Here's How the New Threat Works:
Windows 10 is possibly making unwanted changes to your gaming rig. Microsoft’s first big update for its operating-system-as-a-service is deleting some user-installed apps without asking Windows owners for permission.
The affected programs include hardware monitoring tools CPU-Z and Speccy as well as the AMD Catalyst Control Center for tweaking your Radeon graphics cards. In all of these instances, it seems that the programs no longer functioned properly with the newest version of Windows 10, and the apps were often causing crashes and the blue screen of death.
After the Apple App Store and the Google Play Store were used to distribute all kinds of malware to users' phones, it seems that now's the time for Microsoft's Windows Phone Store to be abused as well.
While Apple and Google's stores were used to push quite dangerous malware, Microsoft's store seems to be affected by a much less critical issue, allowing developers to upload fake apps that only force-feed users with adware. According to Avast, Windows Phone users are in danger of being duped into installing fake apps that are repackaged versions of legitimate applications, retooled to serve ads and redirect users to buy or download specific products.
Windows users who rely on TrueCrypt to encrypt their hard drives have a serious security problem: a researcher has discovered two critical flaws in the program.
TrueCrypt may have been abandoned by its original developers, but it remains one of the few encryption options for Windows. That keeps researchers interested in finding holes in the program and its spin-offs. A member of Google’s Project Zero team has recently discovered two vulnerabilities in the driver that TrueCrypt installs on Windows systems. The flaws could allow attackers to obtain elevated privileges on a system if they have access to a limited user account.
It has been nearly two months since the launch of Windows 10, and Microsoft is finally responding to the growing privacy concerns around the new operating system. In a detailed blog post from Windows chief Terry Myerson, Microsoft details all of the ways Windows 10 collects and uses data.
There have been a number of concerns over the content of application crash data, but Myerson reveals Microsoft doesn't collect content or files, and that the company takes "several steps to avoid collecting any information that directly identifies you, such as your name, email address or account ID."