Microsoft: Happy 2025. Here’s 161 Security Updates

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Continue reading Microsoft: Happy 2025. Here’s 161 Security Updates

This Week in Security: IOCONTROL, (Location) Leaking Cars, and Passkeys

Claroty’s TEAM82 has a report on a new malware strain, what they’re calling IOCONTROL. It’s a Linux malware strain aimed squarely at embedded devices. One of the first targets of …read more Continue reading This Week in Security: IOCONTROL, (Location) Leaking Cars, and Passkeys

Lumma/Amadey: fake CAPTCHAs want to know if you’re human

Malicious CAPTCHA distributed through ad networks delivers the Amadey Trojan or the Lumma stealer, which pilfers data from browsers, password managers, and crypto wallets. Continue reading Lumma/Amadey: fake CAPTCHAs want to know if you’re human

Is a Bitlocker encrypted SSD at risk when booting from another SSD in the same machine?

Let’s say I have a laptop with two different SSDs in it, each of them encrypted by Bitlocker, and each of them having their own unique Windows 11 installation.
If the primary SSD is encrypted with Bitlocker, and I boot up the secondary SSD… Continue reading Is a Bitlocker encrypted SSD at risk when booting from another SSD in the same machine?

Is BitLocker susceptible to any known attacks other than bruteforcing when used with a very strong passphrase and no TPM?

I have learned about attacks where the BitLocker master key can be sniffed on its way from the CPU to the TPM using a logic analyzer. However, in computer configurations without TPMs, this is obviously not possible. Furthermore, as I under… Continue reading Is BitLocker susceptible to any known attacks other than bruteforcing when used with a very strong passphrase and no TPM?