vulnerabilities

  1. Windows 8 January 10, 2023 - Official Support Ended for Windows 8.1

    Hello everyone, I wanted to let you all know that Microsoft ended mainstream support for Windows 8.1 on January 10, 2023. This means that there will be no more security updates or technical assistance for this operating system. It is important to note that after this date, using a computer...
  2. VIDEO Dangers Of Using Windows 7 in 2022

    :shocked:
  3. NEWS Thousands and thousands of Home windows laptops contaminated with ‘unremovable’ malware

    Safety consultants are warning that tens of millions of Home windows laptops are contaminated with malware that’s successfully ‘unremovable’. Over 100 laptops made by expertise agency Lenovo look like affected by a trio of important vulnerabilities which permit hackers to secretly set up malware...
  4. VIDEO ESET discovers 3 serious security vulnerabilities in Lenovo laptops

    :eek:
  5. AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activi

    Original release date: November 17, 2021 Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement Link Removed. •...
  6. VIDEO AA21-265A: Conti Ransomware

    Original release date: September 22, 2021 Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use Link Removed. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics...
  7. F

    Windows 10 Lockbit 2.0??

    Do we have a new assailant? This sounds worse than the printnightmare scenario which I don't believe has been fixed yet... any thoughts?
  8. AA21-209A: Top Routinely Exploited Vulnerabilities

    Original release date: July 28, 2021 Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau...
  9. AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

    Original release date: July 19, 2021 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
  10. AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

    Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source...
  11. VIDEO Latest Windows 10 Update Fixes 50 Vulnerabilities

    :cool:
  12. Releasing Windows 10 Build 19043.1052 (21H1) to Beta & Release Preview Channels

    Hello Windows Insiders, today we’re releasing 21H1 Build 19043.1052 (KB5003637) to the Beta Channel & Release Preview Channel for those Insiders who are on 21H1. See our blog post here on preparing the Windows 10 May 2021 Update (21H1) for release. This security update includes quality...
  13. VIDEO Two Year Old Linux Backdoor Found, Microsoft Finds IoT Vulnerabilities - ThreatWire

    :eek: :eek:
  14. AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

    Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...
  15. AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

    Original release date: March 3, 2021 Summary Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to execute...
  16. AA21-055A: Exploitation of Accellion File Transfer Appliance

    Original release date: February 24, 2021 Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[Link Removed] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[Link Removed][6] These authorities are aware of...
  17. AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

    Original release date: December 17, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure...
  18. AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data

    Original release date: December 10, 2020<br/><h3>Summary</h3><p>This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).</p>...
  19. AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

    Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="Techniques - Enterprise | MITRE ATT&CK®">ATT&amp;CK for...
  20. AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

    Original release date: October 22, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to...