security measures Archives

Winsage

May 2, 2025

Microsoft has no plans to fix Windows RDP bug that lets you log in with old passwords

Microsoft has decided not to address a significant security vulnerability in its Windows Remote Desktop Protocol (RDP) that allows users to log into machines using outdated cached passwords, even after those passwords have been updated or changed. This situation creates a potential backdoor for unauthorized access, raising security concerns. Microsoft defends this functionality as a design choice to prevent users from being locked out of their machines, prioritizing accessibility over security.

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Winsage

May 2, 2025

CISOs should re-consider using Microsoft RDP due to password flaw, says expert

Microsoft has clarified that a feature in its operating system, which allows at least one user account to log in after prolonged offline periods, is a deliberate design choice and not a security vulnerability. The Remote Desktop Protocol (RDP) caches the last set of credentials used to prevent administrators from being locked out, but this can lead to complications if credentials are changed, potentially allowing unauthorized access if outdated credentials are exploited. Johannes Ullrich from the SANS Institute emphasized the importance of securing RDP and recommended robust authentication measures and isolation of RDP endpoints to mitigate risks.

Tech Optimizer

May 2, 2025

McAfee+ Premium antivirus review

McAfee+ Premium offers comprehensive antivirus protection without device restrictions under a single account. It includes features such as an unrestricted VPN, True Key password manager, file shredder, and cleanup tools. The pricing is higher compared to some competitors, with an Essential subscription available for .99 annually, covering five devices. The Advanced package costs .99 and includes fraud protection and a credit bureau scan, while the Ultimate package is .99 and offers three credit bureau scans. Ransomware protection is included only in the Advanced and Ultimate packages. Performance tests show a malware detection accuracy of 99.96%, although it has a higher number of false positives compared to Bitdefender. The interface is user-friendly, and customer support is available 24/7 via chat, but email support is not offered.

Winsage

May 2, 2025

Microsoft is pulling the plug on Windows 10 — here’s what you need to do

A limited-time offer allows users to purchase a Windows 11 Pro key for .97, down from its regular price of 9. This promotion enables upgrades for two compatible PCs. Windows 11 Pro features a user-friendly installation process, a lifetime license with no ongoing fees, productivity enhancements like snap layouts and virtual desktops, and robust security measures including biometric login and device encryption. It also includes an AI-powered assistant, Copilot, to help optimize workflows. Support for Windows 10 will end soon, making this an opportune time to upgrade. Prices on StackSocial may change.

Winsage

May 2, 2025

Windows RDP has a major security problem, and Microsoft has refused to do anything about it

A significant vulnerability has been identified in the Windows Remote Desktop Protocol (RDP), which allows old credentials to remain functional even after a password reset. Security researcher Daniel Wade revealed that users can still access their systems with previously revoked credentials due to the authentication process relying on locally stored credentials that do not update in real-time. Microsoft's Security Response Center acknowledged this behavior but stated it is an intentional design to ensure at least one user account can log in, regardless of the system's online status. Microsoft has been aware of this issue since at least August 2023 and has chosen not to modify the code, citing potential compatibility issues.

Winsage

May 1, 2025

Windows Warning — Microsoft Confirms Old Passwords Still Work To Login

Microsoft has confirmed that users can log into their Windows accounts using old passwords that have been changed and revoked under certain conditions. This behavior is classified as a feature rather than a security vulnerability. The issue arises from the Remote Desktop Protocol (RDP), which allows remote access to Windows machines. An independent security researcher discovered that after changing his password, he could still access his machine using the old credentials, even from new devices. Microsoft's documentation was updated to explain that credentials are verified against a local cached copy before network authentication, allowing continued access with the old password. Microsoft stated that this design ensures at least one user account can always log in, regardless of system offline status, and confirmed there are no plans to change this behavior.

Winsage

May 1, 2025

Microsoft RDP apparently lets you log in with expired passwords – and it apparently doesn’t have plans to fix the issue

Security researcher Daniel Wade has revealed that Microsoft’s Remote Desktop Protocol (RDP) allows users to log into systems using previously revoked passwords, raising concerns about user security. Wade highlights that this feature undermines the trust users place in password management, as changing passwords is expected to prevent unauthorized access. This issue affects a wide range of users, from individuals to employees in small businesses and hybrid work environments. Despite the increasing sophistication of cyberattacks on password managers, Microsoft has stated it will not change this RDP functionality.

Winsage

April 29, 2025

Microsoft Recall finally launches for AI PC users, along with some other new features, almost one year after Copilot+ was announced

Microsoft has reintroduced its Recall feature, initially designed for Qualcomm Snapdragon X-powered laptops, which captures snapshots of users' desktops to help locate old documents, images, and web pages. Enhanced security measures have been implemented, including Windows Hello sign-in, data encryption, and isolation protocols, with all data processed locally on users' devices. Recall is an opt-in feature that can be removed. Additionally, Microsoft has introduced an AI-powered Windows search mechanism that allows users to search for files by description. These features are currently exclusive to devices with Qualcomm Snapdragon X processors, with support for AMD Ryzen AI 300 series and Intel Core Ultra 200V series chips expected later this year. Users without compatible hardware must rely on traditional file management methods.

Tech Optimizer

April 27, 2025

Why aren’t there antivirus apps for the iPhone?

In recent years, the belief that iOS devices are "immune" to viruses has been challenged as cybercriminals increasingly target these platforms. Apple’s security measures, including sandboxing, help isolate apps to prevent the spread of malware. The App Store is strictly controlled, with Apple reviewing apps for security compliance, resulting in few harmful applications being reported. Antivirus software available in the App Store, from companies like McAfee and Norton, operates under the same constraints as other apps and cannot directly access the operating system kernel. Users are advised to avoid jailbreaking their devices, enable automatic updates, and take precautions such as avoiding public charging stations and regularly reviewing app permissions. Utilizing a password manager or VPN can enhance security, and those who have experienced data breaches may consider identity theft protection.