News & Updates
NSA Warns Microsoft Windows Users: Update Now or Face 'Devastating Damage'
The U.S. National Security Agency (NSA) are warning users of Microsoft Windows to check if their systems are fully patched and, if not, to update now or risk a "devastating" and "wide-ranging impact."
Prevent a worm by updating Remote Desktop Services
Microsoft have released fixes for a critical Remote Code Execution vulnerability, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows.
Researchers use Rowhammer bit flips to steal 2048-bit crypto key
The Rowhammer exploit that lets unprivileged attackers corrupt or change data stored in vulnerable memory chips has evolved over the past four years to take on a range of malicious capabilities.
This is how scammers are now abusing Google Calendar to pillage your data
Scammers are now targeting Google Calendar, sending unsolicited event invitations by abusing a free online calendar service that adds invitations and events to users' calendars automatically.
Microsoft patches 22 critical flaws, four zero days on June Patch Tuesday
Microsoft's June Patch release included 22 rated as critical and four that covered previously announced zero-day vulnerabilities.
DHS Issues Alert for Windows 'BlueKeep' Vulnerability
BlueKeep impacts the Windows Remote Desktop Services (RDS) and it can be exploited by sending specially crafted packets to the targeted device. The vulnerability has been described as wormable and it has been compared to the EternalBlue exploit, which the notorious WannaCry ransomware used back in 2017.
Security baseline for Windows 10 v1903 and Windows Server v1903
The final release of the security configuration baseline settings for Windows 10 version 1903 has been announced.
Windows Terminal Preview
This preview of Windows Terminal displays the new, modern, fast, efficient, powerful, and productive terminal application for users of command-line tools and shells like Command Prompt, PowerShell, and WSL.
Security firms demonstrate subdomain hijack exploit vs. EA/Origin
Israeli security firms Check Point and CyberInt partnered up this week to find, exploit, and demonstrate a nasty security flaw that allows attackers to hijack player accounts in EA/Origin's online games.