cyber security Archives

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

Tech Optimizer

January 9, 2026

MacPaw Moonlock

Moonlock is a new antivirus solution for Mac developed by MacPaw, utilizing technology from CleanMyMac. It features a basic VPN, security configuration scan, and an elegant user interface, but some functionalities may not perform as expected. The annual subscription for a single Mac is priced higher than competitors like CleanMyMac and G Data Antivirus. Moonlock requires macOS 13 (Ventura) or later for compatibility. Setting up the app involves creating an account and granting permissions, with a full scan recommended post-installation. In independent lab tests, Moonlock scored 5.5 out of 6 in protection and 6 in usability, but its performance rating was 4.5 points, lower than competitors. The Security Advisor feature provides advice on enhancing security, while the System Protection feature identifies areas for improvement. Moonlock includes a basic VPN with 61 server cities in 50 countries. Its Network Inspector focuses on blocking traffic from specified countries, but its effectiveness is questionable. Flexible scan scheduling is available, but it does not guarantee the removal of Windows malware. The app includes informational panels and animated videos, but it currently lacks effective phishing protection, failing to block known fraudulent websites.

Tech Optimizer

December 4, 2025

Cyber security essentials with WSA partner PureCyber

Cyber security is crucial for organizations in the sport and leisure sector to protect digital assets from hackers and cybercriminals. Neglecting cyber security can lead to financial losses, reputational damage, operational disruptions, and legal issues. Key practices for enhancing cyber security include keeping software updated, using strong passwords, training employees, and employing firewalls and antivirus solutions. The Welsh Sports Association (WSA) has partnered with PureCyber to offer a subscription service called Foundations, which provides various cyber security benefits such as incident response, phishing simulations, endpoint detection and response, dark web monitoring, employee training, Microsoft 365 protection, and vulnerability management. WSA members can access this service at preferential rates, and a Lunchtime Learning session will be held to improve skills within member organizations. Interested parties can contact Maria Lopez for more information on the subscription.

AppWizard

December 3, 2025

India mandates SIM-linked messaging apps to fight rising fraud

India's Department of Telecommunications (DoT) has mandated that messaging services must operate with active SIM cards linked to users' phone numbers to combat cyber fraud. Popular apps like WhatsApp, Telegram, Signal, and Snapchat must comply with these SIM-binding rules within 90 days. The new regulations also require web sessions to automatically log out after six hours to enhance security and address issues related to long-lived web sessions, which have been exploited by fraudsters. This initiative aims to improve the traceability of accounts and reduce fraudulent activities, particularly phishing schemes and scams. Cyber-fraud losses in India reached ₹22,800 crore in 2024, prompting these Telecom Cyber Security measures. Users roaming with their SIMs will not be affected by the new regulations.

AppWizard

December 2, 2025

India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse

India's Department of Telecommunications (DoT) has mandated that app-based communication service providers implement measures requiring an active SIM card linked to the user's mobile number. This applies to messaging applications such as WhatsApp, Telegram, and Signal, which must comply within 90 days. The amendment to the Telecommunications (Telecom Cyber Security) Rules, 2024, aims to mitigate the misuse of telecommunication identifiers exploited for phishing and scams. The directive requires continuous linkage to the SIM card, and web service instances will log out every six hours, necessitating re-linking via QR code. This is intended to reduce account takeover risks and ensure that accounts are linked to KYC-verified SIMs. The DoT also announced a Mobile Number Validation (MNV) platform to combat identity fraud related to unverified mobile number associations.

Winsage

November 24, 2025

Cybersecurity specialist says make Microsoft Windows change – or ‘be exposed’

Microsoft Windows users are urged to update their systems due to the discontinuation of support for Windows 10, which has reached its end-of-life stage. Users are encouraged to upgrade to Windows 11 if their devices are compatible. Microsoft will cease providing security updates for Windows 10, increasing the risk of attacks. For those unable to upgrade, Microsoft offers an Extended Security Updates (ESU) program, currently free for home users with a Microsoft account, providing security updates until October 13, 2026. Users of earlier Windows versions, such as 7, 8, and Vista, have been without support for a longer time, making them more vulnerable. After support ends on October 14, 2025, Microsoft recommends upgrading to a supported version of Windows. Transitioning to a new device that runs Windows 11 can improve user experience and security, with trade-in and recycling schemes available for old devices.

Winsage

November 17, 2025

Windows 10 update failure, autonomous AI cyberattack, Feds fumble Cisco patches

Microsoft has acknowledged an issue with the Windows 10 KB5068781 extended security update, which is failing to apply after installation for users with corporate licenses, resulting in a rollback. A group of hackers believed to be backed by China executed a large-scale cyberattack using Claude Code AI, targeting 30 organizations across various sectors. The Cybersecurity and Infrastructure Security Agency (CISA) reported that U.S. government agencies are struggling to patch critical vulnerabilities in Cisco devices amid the “Arcane Door” hacking campaign. Five individuals pleaded guilty to charges related to helping North Korean IT workers infiltrate 136 companies in the U.S. from September 2019 to November 2022. Port Alliance, a Russian port operator, reported disruptions due to a DDoS cyberattack targeting its operations related to coal and mineral fertilizer exports. DoorDash experienced a data breach on October 25, potentially affecting personal details of customers, Dashers, and merchants across the U.S. and Canada, traced back to a social engineering scam. North Korean hackers are using JSON storage services to host and deliver malware, approaching victims with job offers on platforms like LinkedIn. Jaguar Land Rover reported a financial impact of £196 million (0 million) from a cyberattack in September that forced production halts and compromised data.

Winsage

November 12, 2025

New Microsoft Alert — Update Windows 10 And 11 Now, Attacks Underway

Google has released an emergency update for Chrome users to address a critical security vulnerability. Microsoft has issued a warning about a zero-day vulnerability in the Windows Kernel, identified as CVE-2025-62215, which is actively exploited by attackers to gain system privileges. This vulnerability is a privilege escalation flaw that requires an attacker to exploit a race condition. It affects nearly all assets running Microsoft software and can potentially allow remote code execution without needing an existing foothold. The root causes are linked to improper synchronization and double free issues, leading to kernel heap corruption and the ability for attackers to hijack system execution flow. Users are advised to update their systems immediately.

Winsage

November 11, 2025

Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day

Microsoft's latest security updates addressed 63 vulnerabilities, including a zero-day exploit designated as CVE-2025-62215, which affects the Windows Kernel and has a CVSS rating of 7.0. This vulnerability could allow attackers to gain system privileges, but details on its exploitation are not disclosed. It involves a race condition that requires additional exploits for full system compromise. A functional exploit for CVE-2025-62215 has been observed in the wild, although no public proof-of-concept exists. The most critical vulnerability this month is CVE-2025-60724, a remote-code execution flaw in the Microsoft Graphics Component with a CVSS rating of 9.8, though it is considered less likely to be exploited. Five other vulnerabilities, including three affecting the Windows Ancillary Function Driver for WinSock, are rated at 7.0 and flagged as having a higher likelihood of exploitation. Kernel-mode driver defects are highlighted as high-risk due to their role in network functionality.

Winsage

November 11, 2025

UK’s £312M Windows 10 Fiasco: Upgrading to Obsolescence on EOL’s Doorstep

The UK’s Department for Environment, Food and Rural Affairs (Defra) has allocated £312 million to upgrade its IT systems to Windows 10, just months before Microsoft ends support for the operating system on October 14, 2025. Defra faces challenges in migrating thousands of devices, with 24,000 outdated machines incompatible with newer systems. A survey indicates that 90% of UK finance firms also struggle with outdated IT infrastructure, increasing cybersecurity risks. The National Cyber Security Centre has warned organizations to prepare for migrations to Windows 11. Defra's £312 million expenditure includes software licenses, consulting fees, and hardware refreshes, but additional risks such as increased downtime and regulatory fines could lead to significant consequences. The department's outdated devices do not meet Windows 11’s TPM 2.0 requirements, complicating the upgrade process. Experts advocate for an upgrade to Windows 11, but extensive compatibility testing and user training are necessary. Government oversight bodies are scrutinizing Defra’s expenditures, and discussions suggest alternatives like Windows 10 IoT Enterprise LTSC, which offers updates until 2032. The financial implications of Microsoft’s Extended Security Updates pricing add strain, as costs double in subsequent years. The urgency for upgrades is emphasized by the potential cybersecurity risks, with experts warning of vulnerabilities affecting national food security and environmental initiatives.