November 14, 2023—KB5032202 (OS Build 25398.531)

November 14, 2023—KB5032202 OS Build 25398.531 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

November 14, 2023—KB5032197 (OS Build 14393.6452) - EXPIRED

November 14, 2023—KB5032197 OS Build 14393.6452 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...

syria-life.com Improper Access Control vulnerability OBB-3812614

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

November 14, 2023—KB5032249 (Monthly Rollup)

November 14, 2023—KB5032249 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...

November 14, 2023—KB5032254 (Monthly Rollup)

November 14, 2023—KB5032254 Monthly Rollup REMINDER Windows Server 2008 SP2 Extended Security Updates third and final year of ESU ended on January 10, 2023. Many customers are taking advantage of Azures commitment to security and compliance and have moved to Azure to protect their Windows Server...

October 26, 2023—KB5031445 (OS Build 19045.3636) Preview

October 26, 2023—KB5031445 OS Build 19045.3636 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

islamicreliefsyria.org Cross Site Scripting vulnerability OBB-3757340

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploiting Tragedy: Fake Donation Scams Amid Earthquake in Turkey & Syria

Exploiting Tragedy: Fake Donation Scams Amid Earthquake in Turkey & Syria By Daksh Kapur · February 23, 2023 Figure 1 image from freepik.com & flaticon.com The recent earthquake that shook Syria and Turkey left a devastating trail of destruction. The whole world has shown its support and...

Exploiting Tragedy: Fake Donation Scams Amid Earthquake in Turkey & Syria

Exploiting Tragedy: Fake Donation Scams Amid Earthquake in Turkey & Syria By Daksh Kapur · February 23, 2023 Figure 1 image from freepik.com & flaticon.com The recent earthquake that shook Syria and Turkey left a devastating trail of destruction. The whole world has shown its support and...

Russian Hacker Group Disrupts Relief Efforts for Turkey-Syria Earthquake with DDoS Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Killnet, a Russian hacker group, disrupted relief efforts for the Turkey-Syria earthquake by carrying out DDoS attacks, taking down the websites of NATO Special Operations Headquarters and Strategic...

StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users

The advanced persistent threat APT group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. "A copycat website, mimicking the Shagle service, is used to distribute StrongPity's...

Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation

Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The network, which...

[SECURITY] [DLA 3161-1] tzdata new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-3161-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 26, 2022 https://wiki.debian.org/LTS -...

Google Warns of New Spyware Targeting iOS and Android Users

The spyware has been used to target people in Italy, Kazakhstan, and Syria, researchers at Google and Lookout have found...

Facebook Bans Pakistani and Syrian Hacker Groups for Abusing its Platform

Meta, the company formerly known as Facebook, announced Tuesday that it took action against four separate malicious cyber groups from Pakistan and Syria who were found targeting people in Afghanistan, as well as journalists, humanitarian organizations, and anti-regime military forces in the West...

New Cyber Espionage Group Targeting Ministries of Foreign Affairs

Cybersecurity researchers on Thursday took the wraps off a new cyber espionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017. Dubbed "BackdoorDiplomacy," the campaign involves...

Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware

Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to contro...

Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware

Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to contro...

Is ‘REvil’ the New GandCrab Ransomware?

The cybercriminals behind the GandCrab ransomware-as-a-service RaaS offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead...

Israel Neutralizes Cyber Attack by Blowing Up A Building With Hackers

The Israel Defense Force IDF claims to have neutralized an "attempted" cyber attack by launching airstrikes on a building in Gaza Strip from where it says the attack was originated. As shown in a video tweeted by IDF, the building in the Gaza Strip, which Israeli fighter drones have now destroyed...