Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year, and overcome some common RPC auditing pitfalls.

The National Security Agency (NSA) and partner cybersecurity authorities released a Cybersecurity Information Sheet today recommending that Microsoft Windows® operators and administrators properly

7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files.

Raspberry Robin is a worm spread by external drives that leverages Windows Installer to download a malicious DLL.

Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.

In December 2021, we discovered a new multi-platform backdoor that targets Windows, Mac, and Linux that we have named SysJoker.