#bitlocker — Public Fediverse posts

"Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor"

https://www.tomshardware.com/tech-industry/cyber-security/microsoft-bitlocker-protected-drives-can-now-be-opened-with-just-some-files-on-a-usb-stick-yellowkey-zero-day-exploit-demonstrates-an-apparent-backdoor

Yikes... if we even needed more reasons to avoid Windows and Microsoft's encryption tools.

#security #infosec #windows #bitlocker #microsoft

Windows Zero-Days Expose BitLocker, CTFMON Vulnerabilities

A security researcher has uncovered a pair of alarming Windows zero-day vulnerabilities, including a BitLocker bypass and a privilege-escalation exploit that can be triggered with just a USB drive. Dubbed YellowKey, this exploit can even surface a shell on BitLocker-protected systems, giving attackers an easy way in.

https://osintsights.com/windows-zero-days-expose-bitlocker-ctfmon-vulnerabilities?utm_source=mastodon&utm_medium=social

#WindowsZerodays #Bitlocker #SupplyChain #EmergingThreats #ZeroDay

Une vulnérabilité 0-day dans BitLocker permettrait d'accéder à des disques chiffrés sans autorisation. Ce qui est fascinant — et un peu vertigineux — c'est que le chiffrement est souvent perçu comme le dernier rempart. Quand ce rempart a une porte dérobée, ça invite à repenser l'ensemble de la chaîne de confiance. 🔐 #infosec #BitLocker #0day
https://gbhackers.com/windows-bitlocker-0-day-vulnerability/

Une vulnérabilité 0-day dans BitLocker permettrait d'accéder à des disques chiffrés sans autorisation. Ce qui est fascinant — et un peu vertigineux — c'est que le chiffrement est souvent perçu comme le dernier rempart. Quand ce rempart a une porte dérobée, ça invite à repenser l'ensemble de la chaîne de confiance. 🔐 #infosec #BitLocker #0day
https://gbhackers.com/windows-bitlocker-0-day-vulnerability/

#Microsoft baut #Backdoor in den #Windows #Bitlocker ein?

(also mutmaßlich)

Windows 11, Windows Server 2022, 2025 sind betroffen.

Laut einen Sicherheitsforscher kann man relativ einfach mit einem #USB Stick die Verschlüsselung umgehen... WTF Windows.

Hoods Informatik hat dazu ein Kurzvideo hochgeladen:
https://youtube.com/shorts/h09NoxuYW4w

Können wir jetzt bitte endlich alle zu ner gescheiten #Linux Distro wechseln?
Oder für die, die zu viel Geld haben wenigstens zu Mac? (Auch wenn ich Mac nicht leiden kann.)

#IT #itsecurtity #sicherheitslücken

# #Microsoft baut #Backdoor in den #Windows #Bitlocker ein?
(also mutmaßlich)

Windows 11, Windows Server 2022, 2025 sind betroffen.

Laut einen Sicherheitsforscher kann man relativ einfach mit einem #USB Stick die Verschlüsselung umgehen... WTF Windows.

Hoods Informatik hat dazu ein Kurzvideo hochgeladen:
https://youtube.com/shorts/h09NoxuYW4w

**Können wir jetzt bitte endlich alle zu ner gescheiten #Linux Distro wechseln?**
Oder für die, die zu viel Geld haben wenigstens zu Mac? (Auch wenn ich Mac nicht leiden kann.)

# #Microsoft baut #Backdoor in den #Windows #Bitlocker ein?
(also mutmaßlich)

Windows 11, Windows Server 2022, 2025 sind betroffen.

Laut einen Sicherheitsforscher kann man relativ einfach mit einem #USB Stick die Verschlüsselung umgehen... WTF Windows.

Hoods Informatik hat dazu ein Kurzvideo hochgeladen:
https://youtube.com/shorts/h09NoxuYW4w

**Können wir jetzt bitte endlich alle zu ner gescheiten #Linux Distro wechseln?**
Oder für die, die zu viel Geld haben wenigstens zu Mac? (Auch wenn ich Mac nicht leiden kann.)

Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor | Tom's Hardware

#microsoft #bitlocker #encryption #exploit #zeroday

https://www.tomshardware.com/tech-industry/cyber-security/microsoft-bitlocker-protected-drives-can-now-be-opened-with-just-some-files-on-a-usb-stick-yellowkey-zero-day-exploit-demonstrates-an-apparent-backdoor

Let’s make today unforgettable together ❤️
25F, open to good vibes, deep talks, laughter, and wherever the moment takes us.
Feel free to message me on WhatsApp — my number’s in my bio 💕#WhiskersWednesday
#tercinema
#SeaWednesday
#laika
#TuneTuesday
#bitlocker
#memecredi
#steelfeed
#wildwood
#JoinTheFediverseLINK
#WIPWednesday
#TextureTuesday
#ThickTrunkTuesday
#norovirus
#MeerMittwoch

Let’s make today unforgettable together ❤️
25F, open to good vibes, deep talks, laughter, and wherever the moment takes us.
Feel free to message me on WhatsApp — my number’s in my bio 💕#WhiskersWednesday
#tercinema
#SeaWednesday
#laika
#TuneTuesday
#bitlocker
#memecredi
#steelfeed
#wildwood
#JoinTheFediverseLINK
#WIPWednesday
#TextureTuesday
#ThickTrunkTuesday
#norovirus
#MeerMittwoch

Let’s make today unforgettable together ❤️
25F, open to good vibes, deep talks, laughter, and wherever the moment takes us.
Feel free to message me on WhatsApp — my number’s in my bio 💕#WhiskersWednesday
#tercinema
#SeaWednesday
#laika
#TuneTuesday
#bitlocker
#memecredi
#steelfeed
#wildwood
#JoinTheFediverseLINK
#WIPWednesday
#TextureTuesday
#ThickTrunkTuesday
#norovirus
#MeerMittwoch

Let’s make today unforgettable together ❤️
25F, open to good vibes, deep talks, laughter, and wherever the moment takes us.
Feel free to message me on WhatsApp — my number’s in my bio 💕#WhiskersWednesday
#tercinema
#SeaWednesday
#laika
#TuneTuesday
#bitlocker
#memecredi
#steelfeed
#wildwood
#JoinTheFediverseLINK
#WIPWednesday
#TextureTuesday
#ThickTrunkTuesday
#norovirus
#MeerMittwoch

RE: https://cyberplace.social/@GossiTheDog/116565662607962457

#windows #it #bitlocker #security #encryption #cve #vulnerability

https://winbuzzer.com/2026/04/16/microsoft-april-update-bitlocker-recovery-windows-server-xcxwbn/

Microsoft April Update Forces BitLocker Recovery on Servers

#Microsoft #WindowsServer #WindowsServer2025 #BitLocker #Windows11 #WindowsUpdate #Cybersecurity #Encryption #PatchTuesday

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

• Backup the recovery keys safely offline,

AND

• Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

• Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

• Backup the recovery keys safely offline,

AND

• Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

• Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

• Backup the recovery keys safely offline,

AND

• Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

• Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

• Backup the recovery keys safely offline,

AND

• Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

• Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Regular warning regarding backups and data recovery with Windows 11 25H2 and Bitlocker encryption.

By default, new installations of Windows 11 25H2 have BitLocker automatically enabled, on laptops and desktops.

In theory, the BitLocker recovery keys are transferred to the online Microsoft Account settings when you login that way on Windows 11.

If you use a Windows local account only then it's not backed up. Nor are you prompted to do so. This is very obviously a potentially dangerous state.

If you're going with a local account only Windows 11 OS installation then:

• Backup the recovery keys safely offline,

AND

• Keep unencrypted backups of important data off the system (ideally several copies stored separately)

OR

• Disable BitLocker

Unless you have a very specific use case or "interesting" threat model then disabling BitLocker is my suggestion.

Once BitLocker it's disabled then ensure you are taking regular backups of import data off the PC, ideally multiple copies in separate places for redundancy.

Hardware and storage media do fail. Motherboards and their TPM / UEFI Firmware data do get damaged. That's where the BitLocker encryption keys are stored.

If the BitLocker recovery information on the motherboard is damaged or unrecoverable, your BitLocker encrypted data will be unrecoverable without the recovery keys.

#Windows #BitLocker #MicrosoftAccount #25H2 #DataRecovery

Как защитить ключи LUKS с помощью Рутокен ЭЦП 3.0 и алгоритмов ГОСТ Р 34.10-2012. Часть 4

Безопасная эксплуатация ноутбуков, или Защита пользовательского ключа с помощью алгоритмов ГОСТ Р 34.10-2012 В третьей части мы настроили защиту мастер-ключа с помощью USB-токена, используя RSA, но теперь мы перейдем на алгоритмы ГОСТ Р 34.10-2012. Жаркие. Зимние. Твои. А еще они основаны на более перспективных эллиптических кривых, которым не нужны такие большие ключи, чтобы обеспечить более высокий уровень безопасности.

https://habr.com/ru/companies/aktiv-company/articles/996516/

#linux #luks #полнодисковое_шифрование #рутокен #plymouth #openssl #pkcs11 #encrypt #bitlocker #гост_34102012

Как защитить ключи LUKS с помощью Рутокен ЭЦП 3.0 и алгоритмов ГОСТ Р 34.10-2012. Часть 3

Безопасная эксплуатация ноутбуков, или Защита пользовательского ключа с помощью USB-токена на примере Рутокен ЭЦП 3.0 Из второй части мы узнали, как настроить загрузку компьютера таким образом, чтобы для разблокирования системного диска использовались ключи, размещенные на внешнем USB-накопителе. Однако при краже компьютера вместе с этим накопителем злоумышленник сможет получить доступ к данным так, как если бы они не были защищены вовсе, поэтому наиболее привлекательным способом решения поставленной задачи видится использование USB-токенов и смарт-карт, таких как Рутокен ЭЦП 3.0 или JaCarta-2 ГОСТ. Токены представляют собой защищенные микроконтроллеры со встроенной энергонезависимой памятью, поэтому способны выполнять все вычисления самостоятельно без использования ресурсов центрального процессора, не допуская копирование закрытого ключа с устройства, что обеспечивает максимально высокий уровень безопасности.

https://habr.com/ru/companies/aktiv-company/articles/994834/

#linux #luks #полнодисковое_шифрование #рутокен #plymouth #rsa #openssl #pkcs11 #encrypt #bitlocker

If you do update to Windows 11 25H2 check the encryption status on your boot volume.

On mine, it enabled BitLocker without any user interaction or warning.

I have a local account, so where was it expecting to store the recovery key? 🤔

#Windows11 #25H2 #Bitlocker

If you do update to Windows 11 25H2 check the encryption status on your boot volume.

On mine, it enabled BitLocker without any user interaction or warning.

I have a local account, so where was it expecting to store the recovery key? 🤔

#Windows11 #25H2 #Bitlocker

Copilot+ PC meets Recall

Nichts wurde heisser diskutiert bei der Präsentation des Copilot+ PC und das Programms #Recall auf der #Microsoft Build 2024.
Ich erkläre Funktionen und Sicherheitsaspekte und lade zur Diskussion beim Microsoft 365 Café am 12. Juni 2024 ein.

Hier weitere Informationen: https://bit.ly/3KHHWrr

#MSBuild #Sicherheit #KIaufdemLaptop #Bedenken #Datenschutz
#CopilotPC #ARM #NPU #SnapShots #DRM #Bitlocker #Preview #ContentStaysLocal