Windows OS | Breaking Cybersecurity News | The Hacker News

Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in. Recall , currently in preview and coming exclusively to Copilot+ PCs on June 18, 2024, functions as an "explorable visual timeline" by capturing screenshots of what appears on users' screens every five seconds, which are subsequently analyzed and parsed to surface relevant information. But the feature, meant to serve as some sort of an AI-enabled photographic memory, was met with instantaneous backlash from the security and privacy community, which excoriated the company for having not thought through enough and implementing adequate safeguards that could prevent malicious actors from easily gaining a window into a victim's digital life. The recorded information could include screenshots of documents, emails, or messages containing sensitive details that may have been deleted or shared temporarily using disappearing

Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos  disclosed  that it "detected malware samples in the wild that are attempting to take advantage of this vulnerability." Tracked as  CVE-2021-41379  and discovered by security researcher Abdelhamid Naceri, the elevation of privilege flaw affecting the Windows Installer software component was originally resolved as part of Microsoft's  Patch Tuesday updates  for November 2021. However, in what's a case of an insufficient patch, Naceri found that it was not only possible to bypass the fix implemented by Microsoft but also  achieve  local privilege escalation via a newly discovered zero-day bug. The proof-of-concept (PoC) exploit, dubbed " InstallerFileTakeOver ," w

Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year's report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial Exposure Validation (AEV). These category definitions are aimed at providing some structure to the evolving landscape of exposure management technologies. Pentera, listed as a sample vendor in the newly defined AEV category, is playing a pivotal role in increasing the adoption of CTEM, with a focus on security validation. Following is our take on the CTEM related product categories and what they mean for enterprise security leaders. The Industry is Maturing CTEM, coined by Gartner in 2022, presents a structural approach for continuously assessing, prioritizing, validating, and remediating expo

A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a  report  published by Secureworks on Monday, the cybersecurity firm attributed the intrusions to a threat actor it calls Spiral. Back on December 22, 2020, Microsoft  disclosed  that a second espionage group may have been abusing the IT infrastructure provider's Orion software to drop a persistent backdoor called Supernova on target systems. The findings were also corroborated by cybersecurity firms Palo Alto Networks'  Unit 42  threat intelligence team and  GuidePoint Security , both of whom described Supernova as a .NET web shell implemented by modifying an "app_web_logoimagehandler.ashx.b6031896.dll" module of the SolarWinds Orion application. The alterations were made possible not by breaching the SolarWinds app update infrastructure but instead b

Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first time when source code for Microsoft's operating system has been leaked to the public. Several reports suggest that the collection of torrent files, which weigh 43GB in size, also said to include the source code for Windows Server 2003 and several Microsoft's older operating systems, including: Windows 2000 Windows CE 3  Windows CE 4  Windows CE 5  Windows Embedded 7 Windows Embedded CE Windows NT 3.5 Windows NT 4 MS-DOS 3.30  MS-DOS 6.0 The torrent download also includes the alleged source code for various Windows 10 components that  appeared in 2017  and sour