The Information Highway

Mandiant has identified a novel method to bypass browser isolation technology and achieve command-and-control operations through QR codes.

Microsoft is now testing its AI-powered Recall feature on AMD and Intel-powered Copilot+ PCs enrolled in the Windows 11 Insider program.

Microsoft made it abundantly clear this week that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it's a "non-negotiable" requirement.

Microsoft has confirmed that last month's Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems.

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.

Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. 

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security.

Microsoft is investigating a known issue that affects Microsoft 365 customers and causes classic Outlook to hang or freeze when copying text.

Microsoft warned customers they might experience up to 30 minutes of black screens when logging into Azure Virtual Desktop (AVD) after installing the KB5040525 Windows 10 July 2024 preview update.

Microsoft is again delaying the rollout of its AI-powered Windows Recall feature after announcing in August that it will be available for Insiders with Copilot+ PCs in October.

The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875.

Microsoft has released the optional KB5044384 preview cumulative update for Windows 11 24H2, which includes twenty-four changes, including a bug that caused the sfc /scannow command to always display corrupt file errors.

Microsoft has released the optional KB5044380 Preview cumulative update for Windows 11 23H2 and 22H2, which brings seventeen changes, including a new Gamepad keyboard and the ability to remap the Copilot keyboard key.

Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them.

The latest generations of Intel processors, including Xeon chips, and AMD's older microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing 'Spectre' mitigations.

Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature.

The Fast IDentity Online (FIDO) Alliance has published a working draft of a new specification that aims to enable the secure transfer of passkeys between different providers.

Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security.

Payment platform MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September. 

 Over the weekend, Google removed Kaspersky's Android security apps from the Google Play store and disabled the Russian company's developer accounts.