#windowssecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #windowssecurity, aggregated by home.social.
-
Windows SMB Flaw Enables File Lockdowns Without Traditional Ransomware Traces
New Windows 'GhostLock' flaw lets attackers lock files on SMB shares. It bypasses security and leaves no traditional ransomware traces. Learn how to respond.
#WindowsSecurity, #CyberAttack, #Ransomware, #SMB, #GhostLock
https://newsletter.tf/windows-ghostlock-flaw-locks-files-no-ransomware/
-
Attackers can now lock files on Windows SMB shares using a new 'GhostLock' method. This exploit is harder to detect than normal ransomware because it doesn't leave typical signs like file changes.
#WindowsSecurity, #CyberAttack, #Ransomware, #SMB, #GhostLock
https://newsletter.tf/windows-ghostlock-flaw-locks-files-no-ransomware/
-
Microsoft Confirms KB5083769 Breaks Macrium and Acronis Backups
#Microsoft #Windows11 #Windows10 #WindowsServer #MicrosoftWindows #WindowsUpdate #WindowsSecurity #SecurityPatches #SoftwareUpdate
-
Defender Misflags DigiCert Root Certificates, Breaking Windows SSL Trust
#MicrosoftDefender #Microsoft #DigiCert #Cybersecurity #Malware #AntivirusSoftware #WindowsSecurity #ThreatIntelligence #Windows11 #MicrosoftWindows
-
🔐 Just shipped a fix for the April 2026 Windows update (KB5083769) that flags unsigned RDP files as "Unknown Publisher".
If you manage RDP shortcuts via Intune and your users are suddenly seeing red security warnings — here's a complete solution:
✅ Self-signed code signing cert (no PKI required)
✅ rdpsign.exe signing workflow
✅ Intune Win32 package (install + uninstall scripts)
✅ Trusted Certificate profile + Settings Catalog policies
✅ Versioned detection rule for clean updates
✅ Supersedence pattern for migrating from unsigned deployments
Tested in production on a real M365 Business Premium environment.
🔗 github.com/Bluewal/m365-intune-scripts/tree/main/intune/rdp-signing
#Intune #Microsoft365 #RDP #BlueTeam #WindowsSecurity #MicrosoftDefender
-
https://www.europesays.com/ie/447688/ Microsoft Changes Windows Security After 15 Years—Update By ‘End Of April’ #Éire #IE #Ireland #Microsoft #MicrosoftWarning #SecureBoot #Technology #Windows #WindowsSecurity #WindowsUpdate
-
What are Pass-the-Hash and Pass-the-Ticket Attacks: A Comprehensive Guide
In this article, I cover how these attacks work, their differences, and how to detect and mitigate them.
https://denizhalil.com/2026/01/05/pass-the-hash-pass-the-ticket-attacks-guide/
#cybersecurity #ActiveDirectory #PassTheHash #PassTheTicket #credentialaccess #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #denizhalil
-
What is NetBIOS and SMB Exploitation Techniques: A Practical Guide
In this article, I cover key exploitation techniques, real-world attack scenarios, and how to secure these services effectively.
https://denizhalil.com/2026/01/15/netbios-smb-exploitation-techniques-guide/
#CyberSecurity #SMB #NetBIOS #NetworkSecurity #ActiveDirectory #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #DenizHalil
-
https://winbuzzer.com/2026/04/09/windows-zero-day-published-on-github-after-msrc-silence-xcxwbn/
Windows Zero-Day Published on Github as Microsoft Fails to Act
#Microsoft #Windows #WindowsSecurity #Cybersecurity #ZeroDayVulnerabilities #Exploits #Vulnerability #VulnerabilityDisclosure #SecurityResearch #Windows11 #BigTech
-
What is DCSync Attack and Mimikatz Usage in Active Directory
One of the most critical attacks in Active Directory environments, DCSync, allows attackers to impersonate a Domain Controller and extract password hashes through replication abuse.
#CyberSecurity #ActiveDirectory #DCSync #RedTeam #BlueTeam #InfoSec #Pentesting #SOC #ThreatDetection #WindowsSecurity #EthicalHacking #ITSecurity #NetworkSecurity #SecurityOperations #DenizHalil
https://denizhalil.com/2026/03/27/dcsync-attack-active-directory-guide/
-
🚨 CRITICAL: CVE-2026-4606 in GeoVision GV-Edge Recording Manager 2.3.1 allows any local user to escalate to SYSTEM privileges (CVSS 10.0). Patch or restrict local access now! https://radar.offseq.com/threat/cve-2026-4606-cwe-250-execution-with-unnecessary-p-39d565c1 #OffSeq #Vulnerability #WindowsSecurity #GeoVision
-
One of Microsoft's [1] recent #Windows 11 updates improves Windows security via the extremely effective tactic of making the C: drive inaccessible.
https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-25h2#3801msgdesc
[1] AKA #Microslop these days.
#security #WeveHeardOfIt #WindowsUpdate #WindowsUpdates #Windows11 #WindowsSecurity #oops #brick #quality #qwality #Microsoft
-
https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/
Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In
#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys
-
https://winbuzzer.com/2026/02/19/fake-captcha-trick-installs-stealc-on-windows-pcs-xcxwbn/
Fake CAPTCHA Trick Installs StealC on Windows PCs
#Windows #Security #Cybersecurity #StealC #Malware #Cybercrime #Hackers #WindowsSecurity #PowerShell #Scams #DataTheft #ThreatActors #CyberThreats #Cyberattacks #MicrosoftOutlook #Steam #Cryptocurrency
-
A case study: detecting and removing a coinminer that persists via svchost DcomLaunch by adding a u###### service and a PowerShell script to automate cleanup https://hackernoon.com/how-i-removed-a-rogue-u-service-hiding-in-dcomlaunch #windowssecurity