ransomware attack

Winsage
January 16, 2026
Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.
Winsage
January 16, 2026
Microsoft has officially ceased all support for Windows Server 2008 as of January 13, 2026, including paid extended security updates. This end-of-life scenario poses significant security risks for organizations still using the outdated operating system, making them vulnerable to cyberattacks. The transition away from Windows Server 2008 requires careful planning, as many organizations face challenges in migrating legacy applications to modern systems. The lack of ongoing patches means that any new vulnerabilities will remain unaddressed, potentially leading to data breaches and compliance failures, particularly in regulated sectors like healthcare and finance. Microsoft has encouraged migration to Azure, offering incentives for early adopters, but the transition can be complex and costly. The end of support also affects global supply chains and compatibility with newer software applications. Organizations are advised to conduct audits of their software portfolios and consider hybrid environments to enhance flexibility and security.
Winsage
December 19, 2025
Microsoft has announced the phased discontinuation of the RC4 encryption cipher, with full implementation expected by mid-2026. RC4, created in 1987, has been increasingly recognized as a vulnerability, exploited in various high-profile cyberattacks. Microsoft plans to disable RC4 by default in Windows Kerberos authentication, encouraging organizations to transition to more secure alternatives like AES-256. This decision follows years of warnings from the cybersecurity community and aims to eliminate long-standing cryptographic weaknesses. The transition will require organizations to audit and upgrade their infrastructures, as many legacy applications still depend on RC4. Disabling RC4 is expected to reduce the success rates of attacks exploiting weak encryption. Microsoft has introduced tools to help administrators identify hidden RC4 usage. The change reflects a commitment to zero-trust architectures and aligns with recommendations from organizations like NIST. Experts recommend a multi-step approach for organizations to navigate this transition effectively.
Winsage
December 15, 2025
Hundreds of millions of computers are still using Windows 10, despite it reaching its end-of-support deadline. An Extended Security Updates (ESU) subscription is available for free until October 2026, providing updates to help protect against security threats. By early 2021, around 100 million PCs were still running Windows 7, which had ceased receiving updates in January 2020, making them vulnerable to cyberattacks from groups like Digital Shadows, LockBit, Conti, and Vice Society. Notable incidents include the PrintNightmare flaw in July 2021, which led Microsoft to issue a patch for Windows 7, and the WannaCry attack in 2017, which targeted Windows XP machines. Microsoft releases monthly security fixes, and vulnerabilities like CVE-2025-62215, identified in November 2025, have been categorized as "Exploitation Detected." While current vulnerabilities require local access, history suggests that remote attacks may soon occur, posing severe risks to unpatched systems.
Winsage
October 21, 2025
Many organizations are relying on Extended Security Updates (ESUs) for Microsoft’s Windows 10 as the end-of-life deadline approaches, but this solution is limited and does not protect against zero-day exploits or sophisticated attacks. The ESU program will end in October 2026, leading to increased costs and risks. Legacy systems like Windows 10 are particularly vulnerable to cybercriminals, and even with ESUs, they can be exploited by advanced threats. Transitioning to Windows 11 is complicated for many organizations due to compatibility and hardware issues. Morphisec offers a proactive solution with its Automated Moving Target Defense (AMTD) technology, which continuously alters system memory to protect against attacks without needing updates or patches. The cost of Morphisec is lower than potential expenses from ransomware incidents or ESUs. Organizations face significant risks if they delay action, as seen in past ransomware outbreaks like WannaCry. Unsupported systems can lead to compliance failures and reputational harm. Morphisec provides a way to secure Windows 10 systems while facilitating a smooth migration to Windows 11, ensuring protection across hybrid environments.
Tech Optimizer
September 30, 2025
Google has launched an AI-powered ransomware detection and recovery feature for Google Drive for desktop, available in open beta. This feature automatically detects suspicious activity indicative of ransomware attacks, pauses file syncing, and allows users to restore affected files easily. It is offered at no additional cost to most Google Workspace commercial customers and individual users. Ransomware attacks constituted 21% of all cybersecurity incidents investigated by Mandiant last year, with the average cost of such attacks exceeding million. The new capability provides an additional layer of defense beyond traditional antivirus methods, creating a protective bubble around user files. Google’s built-in virus detection also helps prevent ransomware from spreading to other devices. The AI model used for detection analyzes millions of real-world ransomware samples and adapts to new threats. When unusual activity is detected, Drive pauses syncing and alerts users, allowing for easy restoration of files. IT administrators receive alerts in the Admin console and can review detailed incident logs. This rollout enhances security controls for Workspace customers amid increasing ransomware threats.
Winsage
September 27, 2025
Microsoft will provide free extended security updates for Windows 10 users in the European Economic Area (EEA) in response to advocacy from Euroconsumers. A 17-year-old hacker, previously involved in cyberattacks on Las Vegas casinos, has been released into his parents' custody after a family court ruling. Boyd Gaming reported a cyberattack that compromised employee data but did not affect its business operations. Researchers from Binarly warned of vulnerabilities in Supermicro firmware that could allow attackers to gain control over server systems. Salesforce's Agentforce platform has a critical flaw, ForcedLeak, that could enable data extraction from its CRM tools. Kido International experienced a cyberattack that leaked sensitive information about children and parents. Volvo North America disclosed a data breach due to a ransomware attack on its supplier, Miljödata, affecting employee data. A critical flaw in the ZendTo file transfer application could allow users to access sensitive data by manipulating file paths.