cybersecurity issues Archives

Winsage

December 12, 2025

Windows Defender Firewall Service Vulnerability

On December 9, 2025, Microsoft addressed a vulnerability identified as CVE-2025-62468, which allowed an authenticated local attacker to access sensitive memory within the Windows Defender Firewall Service due to an out-of-bounds read in the service's memory handling routines. This flaw could expose heap or process memory, potentially revealing sensitive information. The vulnerability requires local authenticated access, raising concerns for both home users and system administrators. Microsoft classified the vulnerability as important, emphasizing the need for prompt action. Users are advised to update their systems through Windows Update to mitigate the risk. There is no confirmed public exploit for this vulnerability, and it does not allow remote code execution, but it can lead to information disclosure.

Winsage

September 12, 2025

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to investigate Microsoft for "gross cybersecurity negligence" linked to ransomware attacks on U.S. healthcare networks. In a letter to FTC Chairman Andrew Ferguson, Wyden expressed concerns about Microsoft's cybersecurity practices and its dominant market position, which he believes pose a national security risk. He referenced a ransomware attack on the healthcare system Ascension that affected 5.6 million individuals, attributed to the Black Basta group, and noted that the breach was initiated by a contractor clicking a malicious link on Microsoft's Bing search engine. The attackers exploited insecure default settings in Microsoft software, using a method called Kerberoasting that targets the Kerberos authentication protocol. This method takes advantage of the outdated RC4 encryption technology, which Microsoft still supports. Wyden criticized Microsoft's lack of adequate warnings about the risks associated with RC4 and pointed out that the software does not enforce a minimum password length of 14 characters for privileged accounts. Microsoft plans to phase out RC4 in future updates, with new installations of Active Directory Domains using Windows Server 2025 set to have RC4 disabled by default starting in Q1 of 2026. Additionally, a report from the U.S. Cyber Safety Review Board highlighted preventable errors that allowed Chinese threat actors to compromise Microsoft Exchange Online mailboxes. Despite these cybersecurity issues, Microsoft continues to secure lucrative federal contracts.

AppWizard

July 15, 2025

Google is doubling down on cybersecurity using AI

Google's AI security agent, Big Sleep, has identified a vulnerability in SQLite, designated as CVE-2025-6965, which was being exploited by hackers. Enhancements have been made to Google's open-source forensics tool, now operating on the upgraded Sec-Gemini platform for improved log analysis and threat detection. Google is set to unveil FACADE, an insider threat detection system that has monitored billions of daily events since 2018 using contrastive learning. At DEF CON 33, Google will co-host a Capture the Flag event with Airbus, involving AI assistants in security challenges. Google is contributing data from its Secure AI Framework to the Coalition for Secure AI to enhance research in cybersecurity. The AI Cyber Challenge, a DARPA-led competition supported by Google, is nearing its conclusion, with winners showcasing AI tools for identifying and rectifying vulnerabilities in open-source software.

Winsage

February 19, 2025

A new and dangerous keylogger is on the loose – here’s how to stay safe

Cybersecurity experts at Fortinet have identified a new threat called the Snake Keylogger, which has been involved in over 280 million blocked infection attempts. This malware uses advanced obfuscation techniques, making it difficult to detect and neutralize, and poses risks to individuals and organizations by allowing attackers access to sensitive data. Cybersecurity professionals recommend proactive defense strategies, including keeping antivirus software updated and educating users about cybersecurity issues. Fortinet has not revealed the creators of the Snake Keylogger or specific industries it targets.

Tech Optimizer

October 22, 2024

Kaseya survey finds human behaviour a top cyber threat

Kaseya's 2024 Cybersecurity Survey Report highlights that 89% of IT professionals view human behavior as the primary threat to cybersecurity. Phishing scams impact 58% of businesses surveyed, while ransomware payouts have declined to 11% due to increased investments in backup and recovery technologies. Over 80% of respondents expect their IT security budgets to remain stable or grow, with planned investments in cloud security, automated penetration testing, and security awareness training. The survey indicates a rise in cyber insurance adoption, increasing from 27% to 61% in 2024. The sample primarily includes companies from North America, with a focus on those with annual revenues between USD million and USD million and employing 101 to 500 individuals.

Winsage

October 11, 2024

Microsoft Recall: A game changer with high risks

Microsoft postponed the launch of its Recall feature due to significant security concerns. Recall is an AI-driven tool designed to track user activity over the past six months, capturing screen snapshots every five seconds and cataloging content for easy retrieval. The tool poses risks of exposing sensitive data to threat actors, which could be exploited for extortion. In response to these concerns, Microsoft announced two new security features: just-in-time encryption for the database and mandatory re-authentication through Microsoft Hello before accessing Recall. Despite these measures, unauthorized access remains a concern. Microsoft reassured users that the Azure AI tool processes data locally, keeping sensitive information off the cloud. Recommendations for future use include configuring settings to exclude certain applications from tracking, recognizing privacy setting limitations, employing anti-malware tools, and potentially allowing users to shorten the retention period of data collected.

Tech Optimizer

July 1, 2024

The U.S. Bans Kaspersky Antivirus, WordPress Plugin Supply Chain Attacks

The Biden administration has banned Kaspersky antivirus software in the U.S. due to security concerns related to its Russian origins.