windows

  1. Father

    Features of the Windows 10 DNS Resolver and DNS Leak

    TL;DR: The DNS resolver in Windows 10 sends requests to all DNS server addresses known to the system in parallel, binding each request to its interface, and uses whichever response arrives first. If you use a DNS server from a local segment, this behavior allows your ISP or an attacker with a Wi-Fi...
  2. Father

    How Microsoft Fixed Windows Updates that Break VPNs

    There is a solution to the problem of disabling a VPN, but there are some nuances. Microsoft fixed an issue that caused VPN connections to stop working on client and server platforms after installing the April Windows updates. Affected Windows versions include Windows 11, Windows 10, and...
  3. Father

    New Windows bug - a treat for QakBot: Microsoft fights botnet

    The corporation destroyed another way to infect systems. Microsoft has fixed a zero-day vulnerability that was actively used to spread the QakBot botnet on Windows systems. The heap-based buffer overflow vulnerability CVE-2024-30051 (CVSS 3.1 score: 7.8) affects the Desktop Window Manager...
  4. Father

    The "most advanced" Trojan found, affecting Windows, Mac OS X, Linux, iOS and Android

    Kaspersky Lab has announced the discovery of the "most advanced" cyber espionage network, named Careto (from a Spanish word meaning "ugly face" or "mug"). In Russian, the network and its associated Trojan are called "Mask", in English - The Mask. The researchers gave the name Careto to the Trojan after...
  5. Father

    The GOOSEGG malware is distributed through a breach in Windows Print Spooler

    The cybercrime group Fancy Bear, which in the West is associated with Russia, took advantage of a vulnerability in the Windows print service component to load a previously unknown malware into the system: GooseEgg. This malware has been active since June 2020 and uses an already fixed bug that...
  6. Father

    Russia's APT28 exploited a Windows Print Spooler bug to deploy "GooseEgg" malware

    A Russia-linked nation-state threat actor tracked as APT28 used a security vulnerability in the Microsoft Windows Print Spooler component to deliver previously unknown custom malware called GooseEgg. The tool for...
  7. Father

    APT29 attacks Windows users through a loophole in the Print Queue Manager

    It turns out that Microsoft's proprietary tool can not only hang... Over the past few years, security experts have observed an increase in cyber attacks on organizations in Eastern and Western Europe, as well as North America. The reason for this is hackers from the APT29 group, who actively...
  8. Father

    Researchers uncover Windows flaws that give hackers rootkit-like powers

    New research has shown that the DOS-to-NT path conversion process can be exploited by attackers to gain rootkit-like capabilities to hide files, directories and processes and to impersonate them. "When a user executes a function that has a path argument in...
  9. Father

    MagicDot: A long-standing Windows issue gives Hackers Rootkit Powers

    The SafeBreach study reveals serious risks in converting file paths. A new study has found vulnerabilities in the process of converting DOS to NT paths in the Windows operating system, which can allow attackers to hide files, mimic directories and processes, acquiring capabilities similar to...
  10. Father

    MagicDot vulnerabilities in Windows open the way for rootkits

    Incorrect DOS paths in the file name nomenclature in Windows can be used to hide malicious content, files, and processes. A researcher from SafeBreach, Or Yair, identified a problem related to the process of converting a DOS path to NT format in Windows. Attackers gain rootkit capabilities to...
  11. Father

    Windows fibers allow you to execute malicious shellcode unnoticed by EDR

    At the Black Hat Asia conference held in Singapore, two new ways to use Windows fibers to execute malicious code were presented. One of them, Poison Fiber, allows attacks to be carried out remotely. Both PoCs are authored by independent information security researcher Daniel Jary. According to...
  12. Father

    The era of Windows 10 is coming to an end: Microsoft includes a forced mode

    The company uses full-screen banners to remind you about the transition to Windows 11. Microsoft is actively encouraging users to upgrade to Windows 11, as official support for Windows 10 expires in October 2025. The company started displaying full-screen banners with a reminder about this...
  13. Father

    Critical Rust vulnerability "BatBadBut" exposes Windows systems to attacks

    A critical security flaw in the Rust standard library can be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum...
  14. Father

    CVE-2024-24576: Rust caused remote Windows hijacking

    A vulnerability in popular programming languages allows hackers to remotely inject code into the system. A vulnerability has been discovered in the standard library of the Rust programming language that allows malicious code to be executed on Windows. CVE-2024-24576 (CVSS score: 10) is related...
  15. Father

    Microsoft's Fateful Update: Windows Now decides which browser to use

    Microsoft uses clever methods to promote Edge. In the February updates of Windows 10 (KB5034763) and Windows 11 (KB5034765), Microsoft introduced an innovation that caused discussions among users and IT professionals. The company has implemented a Windows driver that prevents changes to the...
  16. Father

    Detecting Windows-based malware through improved visibility

    Despite the many security solutions available, more and more organizations are falling victim to ransomware and other threats. These ongoing threats are not just an inconvenience that businesses and end users suffer from; they damage the economy...
  17. Teacher

    Samba 4.20: Fully compatible with Windows 11 and Active Directory

    The Samba development team has announced the first stable release of the 4.20 series, which includes significant updates and improvements. The release enhances the functionality of Samba as a full-fledged...
  18. Teacher

    Farewell to Intel, AMD and Windows: China chooses its own path

    China's state structures: why do we need Western technologies if we have our own? China is gradually abandoning the use of Intel and AMD chips, the Windows operating system, and foreign databases in favor of domestic alternatives. The requirements mainly relate to computers and servers owned by...
  19. Teacher

    Hackers broke into Windows 11, Tesla and Ubuntu: Grand Prix on the first day of Pwn2Own

    Specialists managed to uncover 19 zero-day vulnerabilities and win cash prizes. On the first day of the Pwn2Own competition in Vancouver in 2024, participants demonstrated 19 zero-day vulnerabilities in Windows 11, Tesla cars, and Ubuntu. For their findings, experts received awards totaling...
  20. Teacher

    Zorin OS 17.1: an OS indistinguishable from Windows gives new life to old technology

    3 work environment options and built-in applications offer you to learn and work comfortably. Zorin, the developer of the Linux distribution Zorin OS, aimed at inexperienced users, announced the release of Zorin OS 17.1, which offers 3 working environment options depending on your needs. Zorin...