Tag

Windows Security

All articles tagged with #windows security

Critical Docker Desktop Vulnerability Allows Container Escape and Host Compromise
technology · 7 months ago

Docker Desktop patched a critical security flaw (CVE-2025-9074) that allowed containers to break out and control the host system, especially on Windows where Docker runs via WSL2, by exposing an open Engine API on a TCP port. The vulnerability could let malicious containers access or modify host files, escalate privileges, and compromise system security. Users are advised to update to version 4.44.3 immediately to close the exposed API and prevent potential attacks.

"How to Activate Windows' Built-In Ransomware Protections"
technology · 2 years ago

Ransomware is a serious threat, but Windows includes built-in protections through its Microsoft Defender antivirus software, which can be enabled by following a few steps in the Windows Security app. By turning on Controlled folder access and ensuring you're logged into OneDrive for automatic backups, you can add an extra layer of defense against ransomware attacks. While these measures may cause some inconvenience, they can significantly enhance the security of your files. Additionally, considering other antivirus software options and maintaining offline backups are recommended for comprehensive protection against online threats.

"Phishing Attacks Target Windows NTLM Authentication with Weaponized ZIP File"
cybersecurity · 2 years ago

The hacking group TA577 has shifted to using phishing emails to steal NTLM authentication hashes, targeting employees in organizations worldwide. These hashes can be used for offline password cracking or "pass-the-hash" attacks, potentially enabling attackers to escalate privileges, hijack accounts, access sensitive information, and move laterally within a breached network. The phishing emails contain unique ZIP archives with HTML files that trigger automatic connections to steal the NTLM hashes. Security measures such as multi-factor authentication, firewall configurations, email filtering, and Windows 11 security features can help mitigate these attacks.

"Enabling Windows' Built-In Ransomware Protection"
technology · 2 years ago

Ransomware is a serious threat, but Windows users can activate built-in protection through Microsoft Defender by enabling Controlled folder access and ensuring they are logged into OneDrive for automatic backups. While this may cause some inconvenience, such as blocking access to certain folders, it provides an additional layer of defense against ransomware attacks. Users can also consider upgrading their antivirus software for more comprehensive protection.

"New Windows Malware Bypasses Defender to Steal Crypto: How to Protect Your PC"
cybersecurity · 2 years ago

Threat actors are exploiting a patched security flaw in Microsoft Windows, CVE-2023-36025, to deploy Phemedrone Stealer, an open-source information stealer targeting web browsers, cryptocurrency wallets, and messaging apps. The flaw allows attackers to bypass Windows Defender SmartScreen by tricking users into clicking on malicious Internet Shortcut files, leading to the execution of a control panel file that ultimately downloads and executes the stealer. Despite being patched, threat actors continue to find ways to exploit the vulnerability and evade protections, highlighting the need for ongoing vigilance in cybersecurity.

Atera Windows Installers Vulnerable to Critical Privilege Escalation Attacks
windows-security · 2 years ago

Zero-day vulnerabilities in the Windows Installers for Atera's remote monitoring and management software have been discovered, posing a risk of privilege escalation attacks. The flaws, assigned CVE-2023-26077 and CVE-2023-26078, have been patched in Atera versions 1.8.3.7 and 1.8.4.9. The vulnerabilities allow for the execution of arbitrary code with elevated privileges and involve misconfigured Custom Actions running as NT AUTHORITY\SYSTEM. Exploitation of these weaknesses could lead to local privilege escalation attacks.