Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation

September 4, 2024 at 01:48PM

Microsoft is implementing a new security mitigation to address a surge in cyberattacks targeting vulnerabilities in the Windows Common Log File System (CLFS). The mitigation involves adding a verification step using Hash-based Message Authentication Codes (HMAC) to detect unauthorized modifications to CLFS logfiles. This approach aims to cover a class …

Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authentication

July 23, 2024 at 03:52PM

Microsoft’s Windows Hello for Business (WHfB) authentication, previously believed to be resistant to phishing, was found vulnerable to downgrade attacks. Security researcher Yehuda Smirnov discovered the flaw, leading to a fix by Microsoft. The company introduced a new Conditional Access policy to enforce phishing-resistant authentication, safeguarding against downgraded methods. From …

DNS Tunneling Abuse Expands to Tracking & Scanning Victims

May 14, 2024 at 10:07AM

Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver …

Canada’s RCMP, Global Affairs Hit by Cyberattacks

February 27, 2024 at 07:27AM

Canadian authorities are responding to cyberattacks on the Royal Canadian Mounted Police and Global Affairs Canada. The RCMP is actively managing a cyber event and working with government agencies to assess the security breach. The attack did not impact operations or safety, but the RCMP website was briefly unavailable. The …