IT security Archives

Winsage

August 22, 2025

IGEL benefits from seismic VMware and Windows 10 shifts

IGEL Technology, founded in 2001, initially specialized in thin clients but has shifted towards software solutions that protect endpoints with a read-only operating system, reducing the attack surface by up to 95 percent. Each endpoint operates statelessly, retaining no memory of past interactions, and is managed through a unified portal that integrates with various vendors like Zscaler and CrowdStrike. IGEL's solutions allow for the integration of endpoints in operational technology environments without introducing additional security vulnerabilities, effectively replacing EDR systems with over 120 integrations. The company aims to extend the lifespan of endpoints from 3-5 years to 6-8 years, providing significant cost savings and addressing the challenges posed by the transition from Windows 10 to Windows 11. IGEL's approach enhances security while offering flexibility in application delivery options, although it does not eliminate all cyber threats.

Winsage

August 8, 2025

German researchers show ‘Windows Hell No’ flaw at Black Hat

Microsoft is working to move Windows users away from traditional passwords to its Hello biometrics system. Researchers from ERNW Research, supported by the German government, discovered a critical vulnerability in Hello that allows individuals with local admin access or malware credentials to inject biometric data, bypassing security measures. Hello facilitates authentication for business users by connecting corporate PCs to platforms like Entra ID or Active Directory, storing a cryptographic key in a database linked to Microsoft's Windows Biometric Service. While Enhanced Sign-in Security (ESS) is designed to mitigate such vulnerabilities, not all PCs are compatible with it. During a presentation, researchers demonstrated the flaw by logging in with a facial scan and then injecting a captured facial scan to unlock the device. They suggested that users without ESS disable biometric authentication and revert to using a PIN. Microsoft has not yet responded to these findings, which are part of a research program called Windows Dissect.

Winsage

June 9, 2025

Microsoft: Remedy for security vulnerability due to deleted “inetpub” folder

A recent Microsoft security update has created a new folder named "inetpub" on Windows systems, which is essential for system security. If users delete this folder, it can lead to significant vulnerabilities. Microsoft has released a Powershell script, Set-InetpubFolderAcl.ps1, to restore the "inetpub" folder and set the correct permissions. Systems that installed the April security update (KB5055528) must take immediate action if the "inetpub" directory is missing. The script also updates access rights for the "DeviceHealthAttestation" directory, if it exists. Administrative rights are required to run the script. This issue was highlighted by IT security researcher Kevin Beaumont, who noted that deleting the "inetpub" folder could disrupt the installation of future security updates.

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

March 25, 2025

How To Secure Windows on a Mid-Sized Business Budget

Access provides advice on IT challenges, career transitions, and workplace dynamics. A mid-sized company faced a ransomware scare due to a user opening a malicious attachment but recovered data without paying the ransom. To enhance security in a Windows environment on a limited budget, the following steps are recommended: 1. Evaluate data storage by centralizing it on servers rather than individual workstations to improve security and simplify backups. 2. Implement the principle of Least Privilege Access, limiting user access to only necessary resources to reduce potential damage during attacks. 3. Utilize Microsoft's AppLocker to control which applications can run on Windows desktops, blocking unauthorized software. 4. Set up a ransomware kill switch using a custom PowerShell script to monitor for suspicious activities and trigger defensive actions if ransomware is detected.

Winsage

March 19, 2025

Windows 11 has a hidden FAQ page in testing that tells you why your PC is slow

Windows 11 will introduce a new FAQ page in its Settings app to help users identify potential limitations of their PCs. This feature, currently hidden in Dev Channel builds, will answer questions about the OS version and evaluate GPU adequacy for gaming and video tasks. It will also analyze the impact of having 4-8GB of RAM on performance. The feature can be activated using the third-party utility ViVeTool with ID “5530588,” but its effectiveness may vary across systems. Microsoft has faced criticism for Windows 11's strict minimum hardware requirements, which may prevent many PCs from upgrading from Windows 10. This situation may force users to upgrade hardware or consider alternatives like ChromeOS. Microsoft aims to enhance user experience with Windows 11, which may lead to increased hardware sales and user satisfaction.

Tech Optimizer

February 21, 2025

Serious PostgreSQL flaw exploited in US Treasury zero-day attack

Security researchers have identified a zero-day vulnerability in PostgreSQL, labeled CVE-2025-1094, which is believed to have contributed to the cyber breach of the US Treasury in December. The breach was initially attributed to the command injection vulnerability CVE-2024-12356 in the BeyondTrust Remote Support platform. Successful exploitation of CVE-2024-12356 required prior exploitation of CVE-2025-1094. Although BeyondTrust issued a patch for CVE-2024-12356 in December 2024, it did not resolve the underlying issue of CVE-2025-1094, leaving it a zero-day vulnerability until reported to PostgreSQL. Chinese hackers reportedly gained remote access to multiple workstations within the US Treasury, potentially compromising unclassified documents. The details of the accessed documents and the number of workstations involved are not disclosed. This incident is part of a broader pattern of cyber attacks linked to Chinese state-sponsored actors.

Winsage

February 5, 2025

Windows 10 on the brink of extinction: This is how vulnerable you really are!

Microsoft will cease support for Windows 10 in October 2025, meaning new security vulnerabilities will not be patched, increasing exposure to threats. Cybercriminals are expected to target Windows 10, which still has over 60% market share, making it an attractive target. ESET estimates that around 32 million PCs in Germany are still using Windows 10. Users can opt for the Extended Security Updates program for an additional cost, extending updates until October 2026, or use 0Patch for updates until 2030. Windows 10 IoT Enterprise LTSC 2021 will receive updates until 2032, but its use as an office PC is restricted. Users are encouraged to upgrade to Windows 11 where hardware compatibility exists for ongoing security updates and new features.

Winsage

December 27, 2024

Christmas special: Office 2021 Pro Key for only €35,24 and Windows at the lowest price of €15,29!

Godeal24 is hosting a Christmas sale with significant discounts on Microsoft licenses. Office 2021 Pro is priced at €32.25 for a five-PC version, and the Office 2021 Pro Plus key is available for €35.24, reflecting a 90% discount. Office 2016 Pro Plus is offered at €15.29, while Windows 11 Pro is available for €13.25, and Windows 10 Pro for €8.25. Volume discounts for bulk purchases are also provided. Customers can use the discount code "CWALLETCO" during checkout for additional savings. Godeal24 offers digital delivery, 24/7 technical support, and a 98% Excellent rating on TrustPilot. Customers can contact service@godeal24.com for inquiries.