Microsoft Windows – Page 3 – WindowsTechs.com

ShrinkLocker: Turning BitLocker into ransomware

Posted on May 23, 2024 by Cristian Souza, Eduardo Ovalle, Ashley Muñoz, Christopher Zachor

The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. Continue reading ShrinkLocker: Turning BitLocker into ransomware→

QakBot attacks with Windows zero-day (CVE-2024-30051)

Posted on May 14, 2024 by Boris Larin, Mert Degirmenci

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. Continue reading QakBot attacks with Windows zero-day (CVE-2024-30051)→

Exploits and vulnerabilities in Q1 2024

Posted on May 7, 2024 by Alexander Kolesnikov, Vitaly Morgunov

The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024. Continue reading Exploits and vulnerabilities in Q1 2024→

Financial cyberthreats in 2023

Posted on May 6, 2024 by Kaspersky

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware. Continue reading Financial cyberthreats in 2023→

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

Posted on April 26, 2024 by Megan Crouse

Refreshed software and collaboration with the security researcher community may have contributed to the 5% drop. Continue reading BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023→

Determine Which Version of Microsoft Copilot Is Right for You

Posted on April 12, 2024 by mark w. kaelin

Trying to decide which version of Microsoft Copilot is right for you? This guide will help you compare and choose the one that best suits your needs. Continue reading Determine Which Version of Microsoft Copilot Is Right for You→

Hybrid Binaries On Windows for ARM: ARM64EC and ARM64X Explained

Posted on March 28, 2024 by Maya Posch

With ARM processors increasingly becoming part of the desktop ecosystem, porting code that was written for x86_64 platforms is both necessary and a massive undertaking. For many codebases a simple …read more Continue reading Hybrid Binaries On Windows for ARM: ARM64EC and ARM64X Explained→

A patched Windows attack surface is still exploitable

Posted on March 14, 2024 by Elsayed Elrefaei, Ashraf Refaat, Kaspersky GERT

In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them. Continue reading A patched Windows attack surface is still exploitable→

WoWMIPS: A MIPS Emulator for Windows Applications

Posted on February 17, 2024 by Maya Posch

When Windows NT originally launched it had ports to a wide variety of platforms, ranging from Intel’s x86 and i860 to DEC’s Alpha as well as the MIPS architecture. Running …read more Continue reading WoWMIPS: A MIPS Emulator for Windows Applications→

Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)

Posted on December 21, 2023 by Boris Larin

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)→