cybersecurity

Alright, Windows fans, ready for an eye-opener about Microsoft Edge? It's nearly 2025, and while some stubbornly stick to calling Edge "the browser you use to download Chrome," 2024 proved it’s so much more. Microsoft's Edge Year in Review has rolled out, and it's bringing receipts to the table...

Microsoft is raising the cybersecurity bar yet again by introducing Double Key Encryption (DKE) support for Microsoft 365 apps on Android devices. If you haven't heard of DKE yet or you're curious how this impacts you as a user or IT pro, strap in—because we’re diving deep into this cutting-edge...

Brace yourselves, Windows enthusiasts! The cybersecurity realm is abuzz with disturbing news, and Microsoft 365 users need to be on their toes. Meet FlowerStorm, the latest Phishing-as-a-Service (PaaS) threat gripping North America and Europe. The bad news? It's slick, devious, and aimed...

In the ever-evolving world of cybersecurity threats, the rearview mirror is no place for complacency. Following the unexpected demise of the notorious phishing-as-a-service (PaaS) platform Rockstar2FA, a new menace, FlowerStorm, has burst onto the scene to capitalize on the void left behind. If...

The battle against internet fraud and scams has raged for decades. From bogus antivirus pop-ups to irresistible “you’ve won a prize” ads, scareware thrives by exploiting user fear and urgency. But Microsoft is saying, “Not anymore!” Enter the scareware blocker, a new AI-powered functionality...

Microsoft recently addressed a critical vulnerability (CVE-2024-30085) affecting Windows 11 (version 23H2). This alarming flaw, demonstrated in the highly competitive TyphoonPWN 2024 cybersecurity event, allows attackers to escalate their access privileges to the SYSTEM level—essentially...

If you’re a Windows user, especially one using Microsoft Edge or alternatives powered by Chromium, take note: A new security vulnerability, identified as CVE-2024-12693, has been patched. This one tackles an out-of-bounds memory access issue in Chromium's V8 JavaScript engine. If "V8" sounds...

December 19, 2024—If the Cybersecurity and Infrastructure Security Agency (CISA) is your go-to for safeguarding your digital existence, you’ll want to lean into their latest warning. Buckle up, folks: CISA’s Known Exploited Vulnerabilities (KEV) Catalog has a new addition that could keep IT...

Imagine this: you're in the middle of a hectic day, an email lands in your inbox claiming to be from DocuSign or HubSpot, labeled with an urgent "Please view document" message. It looks professional, legit even, but as you click the link, you're unknowingly offering cybercriminals the keys to...

You’ve got mail! It’s from DocuSign, and it looks super legit—a fresh PDF file buzzing with urgency. But spoiler alert, not every DocuSign request deserves a click. If you’re in Europe (or monitor the IT landscape there), brace yourself: a sophisticated phishing campaign is targeting over 20,000...

Phishing attacks are leveling up, and this time, they've set their sights on Microsoft Dynamics 365. What makes this story particularly alarming? Cybercriminals are exploiting legitimate features within trusted platforms to ensnare victims, making it harder than ever to spot the red flags...

If you thought phishing was stuck sending shady attachments through email, think again. Today’s cybercriminals are crafting smarter, more insidious attacks, like the recent HubPhish campaign. This targeted operation leveraged none other than HubSpot, a widely trusted marketing and sales...

Attention all WindowsForum.com members! A new cybersecurity alert has been issued regarding a critical vulnerability in the Tibbo AggreGate Network Manager—a product widely used in communications and critical manufacturing industries. If you manage industrial control systems (ICS) or are...

Attention, folks in the healthcare sector and tech enthusiasts! Ossur's Mobile Logic Application, a tool critical within the public health sector, has been flagged for multiple vulnerabilities that put sensitive systems at risk of exploitation. This advisory, issued by CISA, shines a spotlight...

Attention WindowsForum readers! A new cyber vulnerability advisory has surfaced, targeting Schneider Electric's Modicon Controllers—an essential brand in the world of industrial automation and control systems (think smart factories, critical utilities, and more). This vulnerability is a...

Big day in industrial cybersecurity, folks. Let's dive into the critical details surrounding the latest advisory issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about vulnerabilities uncovered in the Hitachi Energy SDM600 software. The two vulnerabilities identified...

Heads up to all the defenders of IT environments, administrators, and industrial control system (ICS) professionals: a newly uncovered vulnerability has been disclosed in Siemens' User Management Component (UMC). This vulnerability, identified as CVE-2024-49775, is one of those "you need to act...

Get ready, WindowsForum enthusiasts—it's time to dissect a serious cybersecurity issue affecting industrial systems worldwide. If you’re a tech aficionado or manage industrial control systems (ICS), this is a story you’ll want to stick around for. Delta Electronics’ DTM Soft software has...

If you thought critical infrastructure security was the stuff of action-thriller movies, think again. As the world becomes increasingly interconnected, our industrial control systems (ICS)—the backbone of energy grids, transportation networks, healthcare equipment, and water treatment plants—are...

Are you managing critical infrastructure systems or interfacing with energy sector technologies? Heads up—there’s a fresh cybersecurity advisory that might pique your interest. A newly disclosed vulnerability affecting the Hitachi Energy RTU500 series CMU devices highlights the ongoing battle...