Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Bleeping Computer - 24 Duben, 2025 - 22:24
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]
Kategorie: Hacking & Security

Lazarus hackers breach six companies in watering hole attacks

Bleeping Computer - 24 Duben, 2025 - 21:13
In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. [...]
Kategorie: Hacking & Security

Microsoft fixes machine learning bug flagging Adobe emails as spam

Bleeping Computer - 24 Duben, 2025 - 21:02
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. [...]
Kategorie: Hacking & Security

Frederick Health data breach impacts nearly 1 million patients

Bleeping Computer - 24 Duben, 2025 - 18:19
​A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. [...]
Kategorie: Hacking & Security

Složka inetpub měla být obranným valem, ale snadno zlikviduje Windows Update

Zive.cz - bezpečnost - 24 Duben, 2025 - 17:45
**Systémové disky s Windows mají od dubna složku inetpub. **Je součástí ochrany proti manipulaci se soubory. **Bezpečnostní výzkumník tvrdí, že ale vytváří nový problém.
Kategorie: Hacking & Security

Microsoft now pays up to $30,000 for some AI vulnerabilities

Bleeping Computer - 24 Duben, 2025 - 17:06
Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]
Kategorie: Hacking & Security

Interlock ransomware claims DaVita attack, leaks stolen data

Bleeping Computer - 24 Duben, 2025 - 16:59
The Interlock ransomware gang has claimed the cyberattack on DaVita kidney dialysis firm and leaked data allegedly stolen from the organization. [...]
Kategorie: Hacking & Security

Yale New Haven Health data breach affects 5.5 million patients

Bleeping Computer - 24 Duben, 2025 - 16:12
Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. [...]
Kategorie: Hacking & Security

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

The Hacker News - 24 Duben, 2025 - 16:11
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Microsoft fixes bug causing incorrect 0x80070643 WinRE errors

Bleeping Computer - 24 Duben, 2025 - 15:54
Microsoft says it resolved a known issue causing erroneous 0x80070643 installation failure errors when deploying the April 2025 Windows Recovery Environment (WinRE) updates. [...]
Kategorie: Hacking & Security

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

The Hacker News - 24 Duben, 2025 - 14:58
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said in Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign

The Hacker News - 24 Duben, 2025 - 14:56
The Evolving Healthcare Cybersecurity Landscape  Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector [email protected]
Kategorie: Hacking & Security

159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure

The Hacker News - 24 Duben, 2025 - 14:55
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in a report shared with The Hacker News. This translates to 45 security flaws that have been weaponizedRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

European tech firm rallies for digital sovereignty amid rising tech nationalism globally

Computerworld.com [Hacking News] - 24 Duben, 2025 - 14:39

A growing chorus of European technology executives is calling for the continent to assert control over its digital future, with Danish IT services giant Netcompany leading the latest push for technological self-reliance.

In an open letter published on Wednesday — coinciding with the symbolic illumination of the Statue of Liberty replica in Paris a day before — Netcompany CEO André Rogaczewski explicitly challenged Europe’s dependence on foreign technology platforms and urged the region to “bring our data home.”

“From social media to cloud infrastructure, from applications to algorithms, we are dependent on technologies developed elsewhere, by actors who may not share our values,” warned Rogaczewski, whose firm employs over 8,000 technology consultants across Europe.

The high-profile campaign comes amid escalating tensions in global technology markets, with the European Commission recently intensifying scrutiny of US cloud providers’ market practices and ahead of upcoming EU-US discussions on trans-Atlantic data governance frameworks.

“We are calling for European solutions — built by European companies, run on European data, and accountable to European citizens,” Rogaczewski stated, directly challenging the market dominance of American tech giants including Microsoft, Google, and Amazon Web Services, which collectively control a significant majority of Europe’s cloud infrastructure market according to industry reports.

Europe’s strategic pivot in digital policy

The remarks come amid a concerted push by European governments and institutions to localize control over key digital systems. Recent EU policies — the Digital Services Act, the Digital Markets Act, and the AI Act — are part of an evolving legal framework to strengthen regional oversight of platforms, algorithms, and cloud-based services.

A month ago, leading European companies and lobbying groups — including Airbus, Element, and Nextcloud — under the umbrella of “EuroStack Initiative” signed an open letter urging the creation of an EU sovereign infrastructure fund to boost public investment in innovative technologies and build strategic autonomy in key sectors.

“Building strategic autonomy in key sectors is now a recognised urgent imperative across Europe. As part of this common effort, Europe needs to recover the initiative, and become more technologically independent across all layers of its critical digital infrastructure,” the EuroStack letter read.

These initiatives follow a global trend where technology is no longer seen purely through the lens of innovation or efficiency but as a strategic national asset. The US has tightened its grip on semiconductor exports to China. China, in turn, is accelerating its own domestic tech stack and enforcing data localization. In this shifting context, Europe’s historical reliance on the US and Chinese digital infrastructure has become a liability.

Building a European tech ecosystem

Netcompany, a publicly listed IT services provider with operations across Europe, is among a growing number of regional firms advocating for digital sovereignty. Their CEO’s comments underline the urgency to reduce reliance on US-based cloud giants and software vendors. Instead, the letter encourages a continental effort to cultivate indigenous technologies that align with European legal standards and ethical norms.

“Technology lies at the heart of our wealth creation,” Rogaczewski said. “It drives our competitiveness and sits at the very center of how we communicate, learn, and develop as societies.”

This vision extends beyond public discourse into concrete initiatives. GAIA-X, a European cloud infrastructure initiative, exemplifies this push toward a sovereign tech ecosystem, alongside other strategic programs including SiPearl and the EU’s AI Continent Action Plan that target capabilities in cloud infrastructure, semiconductors, and AI.

US tech giants have not been idle in response to these sovereignty concerns. Amazon Web Services, for instance, has committed to a €7.8 billion ($8.9 billion) investment in an “AWS European Sovereign Cloud” and maintains that its approach has been “sovereign-by-design” from the beginning, with customers having “complete control over where they locate their data” within European regions and verifiable control over who can access it.

“While complete technological independence is a complex and long-term goal, Europe is clearly building momentum toward digital and AI sovereignty,” said Shreeya Deshpande, senior analyst at Everest Group, highlighting how the coordinated nature of such efforts reflects growing momentum across Europe.

While challenges remain, particularly in scaling and integrating across fragmented markets, the political will and regulatory backing for European tech nationalism is growing.

Sovereignty without isolation

Rogaczewski’s appeal reflects a growing consensus among European stakeholders that sovereignty does not mean isolation. Rather, it signals a recalibration of Europe’s role in the global digital order. Europe is seeking to maintain open markets and innovation, while ensuring that core digital infrastructure and sensitive data remain under regional control.

“Emerging mechanisms, such as data embassies and sovereign cloud frameworks, offer a practical middle path — enabling countries to maintain legal and operational control over data and AI systems while remaining interoperable with global platforms,” Deshpande added.

The message resonates with policymakers who see technology not just as a tool of commerce but as a pillar of democratic governance. “This places our security, sovereignty, and democracy at risk,” Rogaczewski warned, referring to Europe’s current dependency on foreign platforms.

The lighting of the Statue of Liberty — once gifted by France to the US as a symbol of shared democratic values — served as a potent backdrop to Rogaczewski’s message. He framed his letter as both a reminder of historical ties and a warning that those values are now “under heavy pressure.” “Our modern societies are based on the very same principles of freedom and democracy,” he wrote. “We must stand united in our commitment to these values and fight for them each and every day.”

Kategorie: Hacking & Security

Linux 'io_uring' security blindspot allows stealthy rootkit attacks

Bleeping Computer - 24 Duben, 2025 - 14:00
A significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while bypassing advanced Enterprise security software. [...]
Kategorie: Hacking & Security

White House condemns Europe’s ‘extortion’ of Apple and Meta

Computerworld.com [Hacking News] - 24 Duben, 2025 - 13:58

If it looks like a trade war, swims like a trade war, and quacks like a trade war, then it’s probably a trade war that has now broken out — this time between the US and the EU as the White House condemns Europe’s punitive fines against Apple and Meta, fines the companies intend to appeal.

Europe hit Apple and Meta with fines of €500m and €200m, respectively, yesterday, punishing both companies for noncompliance with Europe’s Digital Markets Act, a piece of legislation that pretends to be about opening up markets but seems custom-designed to impact the US tech giants.

The White House has called these fines a “novel form of economic extortion” and has warned Europe that the US will not tolerate the magnitude of these fines.

Custom-fitted penalties

The steep fines surprised most commentators, as whispers coming out of the bloc had hinted that the EU would impose minimal fines against both tech companies in order to avoid reprisals from the US administration. This doesn’t seem to be what happened, unless we assume that €700m is now seen as small change by Europe’s leaders, who appear to have given themselves the right to charge US companies even more. 

The fines come as Europe and the US attempt to forge new trading agreements in response to pressure from the US administration and its tariff threats. While the impact of tariffs will hurt US consumers most, repercussions will also be felt by manufacturers and trading partners who have fed US demand until now.

The effect will also soon be felt on a wider basis as a trade barrier-induced slump hits shipping and distribution globally in the coming weeks, reflecting the slowdown in demand around the imposition of those tariffs. 

Playing at leadership

Despite the looming risk of consequences for their own economies, both in terms of manufacturing demand and the impact on their own manufacturing businesses of an onset of low-cost consumer goods originally destined for the US market, Europe’s leaders seem to want to cosplay at playing hardball.

European Commission spokesperson Thomas Regnier recently said the EU “will enforce our tech legislation without any doubt, and this has nothing to do with the trade negotiations currently ongoing with the US.”

That may be how Europe’s leaders see it, but their self-perception means little to a White House that sees these fines as extortionate reprisals against some of America’s biggest and most successful firms.

The administration is far more likely to cleave to the opinion of Meta and Apple:

  • “The European Commission is attempting to handicap successful American businesses while allowing Chinese and European companies to operate under different standards,” Meta said.
  • “Today’s announcements are yet another example of the European Commission unfairly targeting Apple in a series of decisions that are bad for the privacy and security of our users, bad for products, and force us to give away our technology for free,” Apple said.
Who designed the rules, and for what purpose?

While Regnier insists the rules are being applied fairly and would be applied against any firm, no matter where they are from, critics argue that the DMA seems to have been expressly drafted to constrain the power of US firms.

The US is not blind to this conjecture. “Extraterritorial regulations that specifically target and undermine American companies, stifle innovation, and enable censorship will be recognized as barriers to trade and a direct threat to free civil society,” said a White House spokesperson.

The bellicose response emerging from within the US administration suggests it is quite willing to issue its own set of reprisals against Europe’s attempts to fine the tech firms — but that response may not be immediate, pending the result of any legal appeals to those decisions on the part of Apple and Meta.

The scenario doesn’t equate to the best mood music.

At a time when the administration is practicing a very blunt approach to making deals, European leaders seem to want to hide the true nature of their own equally self-serving responses behind unconvincing veneers of respectability (such as the DMA).

Will the future be better tomorrow?

In this kind of context, the idea that relationships may become worse before they get better isn’t just a problem waiting to happen. It appears to be a problem that’s already here.

Like a squawking duck, this particular sequence of events certainly seems to be forming up to become exactly what it sounds like as the US administration puts its own perception of national interest first, unleashing a challenging set of circumstances for businesses worldwide, including those of Apple and Facebook, the US business entities it probably sees itself as trying to protect. 

Ironically, the consequences of these combined sequences of events probably won’t unleash a great deal of benefit for anyone — except, possibly, for some wealthy individuals who want to sell apps via their own App Store.

US President George W. Bush once famously said, “The future will be better tomorrow.”

Right now, in the absence of positive dialogue, that’s not what I see coming down the pipe.

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

Kategorie: Hacking & Security

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The Hacker News - 24 Duben, 2025 - 13:27
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a fresh report shared with The Hacker News.Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

6 steps to recover missing data in Windows

Computerworld.com [Hacking News] - 24 Duben, 2025 - 13:00

Sadly, there are many reasons why data stored on disk drives in Windows can — and sometimes does — go missing.

As someone who’s used Windows 11 since the day after the first Insider Preview appeared on June 28, 2021, I’ve been through a dozen different data recovery incidents over the past 3-plus years. Some of these have resulted from failing storage media, others from issues with cables or connectors between the media and the PC or its motherboard, and one or two have been self-inflicted arising from mistakes when using disk partitioning or repair utilities. What can I say? I like to experiment, and break things so I can fix them.

In each of these incidents I’ve been able to claw back my missing data, and in most cases you can too. In this story I’ll go over several techniques you can use to try to recover lost files. I’ll use Windows 11 in the examples throughout, but these tips apply to Windows 10 as well.

In this article:

  • Three main reasons for data loss
  • When recovery is needed, backup’s the thing
  • Step 1 to data recovery: Recycle Bin
  • Step 2: Windows Backup / File History
  • Step 3: chkdsk
  • Step 4: Windows File Recovery
  • Step 5: Partition/data recovery
  • If file recovery succeeds, follow up with a disk health check
  • Step 6: Call in the professionals

As with my tutorials for repairing Microsoft Office and repairing Windows itself, the idea is to perform these steps in order. If the first step doesn’t work, move on to the next, and so forth. With luck, you’ll recover your missing data early in the sequence.

But first, let’s take a look at the main culprits when it comes to Windows data going MIA.

Three main reasons for data loss

In most cases, three primary causes stand behind situations that call for data recovery. These are:

1. File or file structure damage or corruption. Basically, files are just long sequences of bits (1s and 0s) chained together through a master file table (or its equivalent) on the storage media. For various reasons, those patterns can become damaged or disrupted. Consequently, they may go missing or become unreadable. In this case, your repair efforts attempt to restore those bits to their original form and order.

2. Partition or disk structure changes or damage. In Windows, storage devices use specific disk layouts to create logical volumes (which usually have names and associated drive letters) wherein file systems reside. Each volume (and certain other disk structures related to boot-up and recovery on Windows system/boot disks) has at least one associated on-disk partition. The drive maintains one or more copies of a partition table to keep track of disk extents, called sectors, where partitions (volumes and other special disk regions) reside.

When errors or unwanted changes affect a partition table, it must be repaired before the files and folders in any of the volumes it describes may be accessed. In this case, the repair process attempts to restore the partition table’s original structure and contents.

3. Storage hardware problems. For spinning disks, this might involve damage to a disk platter’s read/write heads or one of its recording surfaces, and usually manifests as loss of drive sectors. In severe cases, a storage device may fail completely so that its contents become completely unreadable. For SSDs, something similar can happen when the drive’s controller suffers from hardware errors, or when the flash memory locations under its control become damaged or unreadable.

For both kinds of drives, failure is often a progressive cascade. That is, it starts slowly, with the failure of one or two sectors or memory locations, and gets progressively worse over time. Eventually the device fails completely. At that point, end-user recovery is impossible, and one must turn to a data recovery company for expensive professional recovery services.

That’s why it’s best to act upon the first sign(s) of disk trouble while there’s still time to head problems off at the pass. In this case, repair means attempting to capture valid data from good sectors or locations before they have a chance to go bad.

When recovery is needed, backup’s the thing

Long before you encounter data loss issues, it’s worth employing one or both of Windows’ built-in file backup tools. File History takes snapshots of files stored in certain main folders in Windows 10 and 11. Windows Backup saves your files, apps, settings, and credentials to OneDrive in the cloud. These set ‘em and forget ‘em tools require little or no effort to use once set up; see my tutorials on File History and Windows Backup for details.

In my opinion, though, nothing beats access to a fresh, current system backup of a drive from which items may be missing or lost. For example, I keep project work on two separate SATA SSDs (F: and X:) and back them up every morning, along with the all-important C: boot/system drive where Windows itself lives. Thus, I’m reasonably sure that no matter what happens to one or more of those drives, I won’t lose more than a day’s work or data, worst case.

Before attempting any kind of file or data recovery on Windows 11, the first thing you should do (let’s call it Step 0) is back up the problem drive on which missing or inaccessible files or data once resided. This means you can always get back to where you started, should your own data recovery efforts cause further problems. You will then be able to turn the media over to a data recovery company that has tools and capabilities that ordinary users like you, dear reader, and I do not have at our disposal.

That’s the worst-case scenario, though. There are several steps you can take first to try to recover your lost files yourself. Let’s walk through those first, shall we?

Step 1 to data recovery: Recycle Bin

A typical situation that calls for data recovery is one where a user or some program has deleted a file from a Windows volume, intentionally or perhaps accidentally. Afterward, the user wishes to regain access to that file.

It seems obvious, but checking Recycle Bin to see if the missing file is present can often save a lot of unnecessary hassle when recovering lost items. Double-click the Recycle Bin icon on the desktop, then browse or use the search box to see if the missing file is there. If it turns up, a right-click on the item, then selecting Restore is all that’s needed to put the file back where it came from (see Figure 1).

Figure 1: Right-click any item in Recycle Bin, then click Restore. That’s all it takes to recover files from the Recycle Bin.

Ed Tittel / Foundry

If the file you seek is not available in the Recycle Bin, other actions may help.

Step 2: File History / Windows Backup

This step comes with some ifs attached. The first if is “Is File History (or Windows Backup) turned on?” The second if is “Does File History (or Windows Backup) include this file?” If so, the third if is “Are the damaged or missing files available through File History (or Windows Backup)?”

To briefly explain: both File History and Windows Backup are turned off by default and must be enabled. Even then, these utilities only back up files stored in specific folders — namely, Documents, Downloads, Pictures, Videos, and Music (a.k.a. “Library folders”) from the logged-in user’s file hierarchy. (See my File History and Windows Backup tutorials for details on setting them up, including a way to include additional folders in File History backups.)

If you have both tools enabled, consider what kind of restore operation you need. Windows Backup offers basically an “all-or-nothing” restore capability. If you’re simply looking to restore one or a small number of files and/or folders, it’s not the right tool for the job. Why? Because Restore in Windows Backup works through the Windows Installer — that is, when you start the Windows install process and log in with your Microsoft Account (MSA), it will offer to restore the PCs for which it has backups associated with that account through OneDrive. This is generally best reserved for situations where a full system restore or rebuild is called for. It’s not a good fit for restoring some smaller number of files or folders.

If you take this route, please understand you’ll have to wait through a clean Windows 10 or 11 install, after which Windows Backup will start the process of bringing your apps, files and folders, settings and preferences back (but there will still be more work for you, as explained in my Windows Backup tutorial — see the section “WB comes with a catch…”).

For a one-off file or just a handful of items, use File History instead.  Click Start > Settings, then type file history into the Settings search box. From the options that appear, select Restore your files with File History.

You’ll see a File Explorer-like view of your backed-up folders. Click any folder to drill down to the item you want. If you navigate into the Documents folder, for example, you’ll see its contents show up. By highlighting one or more files, you select them for a “copy back” operation. Then, when you click the green arrow at bottom center (see Figure 2), it will restore the files you’ve selected to their original location.

Figure 2: Select an item and click the green “back-circle” arrow to restore it.

Ed Tittel / Foundry

For in-depth details about File History, including its limitations, setup minutae, and the best way to configure it, see “How to use File History in Windows 10 and 11.”

If a file or folder is not available for restoration through File History or Windows Backup, more robust recovery is needed. That means it’s time to move on to the third step.

Step 3: chkdsk

If the affected drive remains readable and visible in Windows — that is, the drive letter still appears in File Explorer and some (or most) of its files and folders remain visible therein — the next step to recovery is to use the command line check disk utility, a.k.a. chkdsk.exe. You’ll need to run it at an administrative command prompt or in an administrative PowerShell session. (Type either cmd or powershell in the Windows search box, right-click Command Prompt or Windows PowerShell in the list of results, select Run as administrator, and enter the password if prompted.)

You can use either of two key parameters to effect disk repairs, as outlined on the MS Docs Windows Commands reference for chkdsk):

  • /f: Fixes errors on the disk. The disk must be locked. If chkdsk cannot lock the drive, a message appears that asks you if you want to check the drive the next time you start the computer.
  • /r: Locates bad sectors and recovers readable information. The disk must be locked. /r includes the functionality of /f, with the additional analysis of physical disk errors.

The only way to repair the Windows boot/system disk (usually drive letter C:) is to elect the option to repair after the next restart, followed by a restart of the affected PC.

For minor disk corruption or damage, this step is often as far as you’ll need to go. If it works, count yourself lucky — and make another backup right away!

Step 4: Windows File Recovery

Microsoft offers a good, basic file recovery utility called Windows File Recovery (winfr.exe) for Windows 10 version 2004 and up and all versions of Windows 11. It’s available in the Microsoft Store.

This utility launches in an administrative command prompt session and runs at the command line. I tried the command to recover download files, as shown in Figure 3.

Figure 3: winfr.exe is added to the path, and online examples are entirely worth trying out, as shown for downloads here.

Ed Tittel / Foundry

There is a learning curve involved in using this tool, but the user manual is available online and very much worth reading and exploring for those willing to tackle file and folder recovery at the command line. If you know what’s missing and where it resided, you can use it to recover files quickly and easily using specific filters — the more specific, the better, as I learned when recovering my old download files.

The winfr tool also supports what’s called “extensive mode,” which offers more comprehensive and far-reaching repair capabilities. Regular mode is turned on by default; you must use the /extensive parameter to access extensive mode’s capabilities. It’s good at handling non-NTFS file sytems (e.g., FAT and exFAT), and can find more files deleted longer ago. Extensive mode can also attempt repairs after formatting a disk — which takes us into territory for the next topic, partition repairs — and it is better able to cope with disk corruption than regular mode.

Those who prefer to undelete files using a graphical interface instead of working at the command line should try the free but good Piriform tool Recuva.

Step 5: Partition/data recovery

There are plenty of good third-party data recovery tools available for Windows 11. That said, those that can recover entire drives — especially big ones — or that offer partition and formatting recovery usually cost money.

For example, upgrading from the free version of Recuva to the Professional version means gaining more advanced file recovery, including partition recovery, recovery from damaged or reformatted disks, and more extensive recovery for long-deleted files and folders. It costs US$25 for a one-year subscription. Similarly, MiniTool Partition Wizard, which offers excellent partition handling and modest partition recovery in its free version, but adds extensive file, folder, and partition recovery capabilities to its Pro version (US$59 yearly).

Ditto for Stellar Data Recovery, which comes in a variety of versions that range from Standard (US$60 yearly) to Toolkit (US$299 yearly/$599 lifetime). Only those who need to recover BitLocker-encrypted or multi-OS drives need those higher-end versions. In my testing, the Toolkit version found 2.4TB of recoverable files on a 1.84TB drive, which strikes me as both impressive and entirely too comprehensive. You can see that in the lower left corner of Figure 4.

Figure 4: Remarkably, Stellar Data Recovery found 2.4TB of recoverable files on a 1.86TB drive.

Ed Tittel / Foundry

Stellar uses a simple File Explorer-like UI through which you can navigate to select files or folders to restore from its collection of recoverable items. It’s intuitive and easy to use, and quite fast, considering what it does (took less than 10 minutes to offer a huge list of recoverable files and folders, as shown).

Once partition or file recovery is effected, you can then tackle file and folder recovery from newly restored partitions (if needed), or from the list of recoverable items your tool offers up. In cases where accidental reformatting or partitioning mistakes have been self-inflicted — I’ve done this to myself on at least two occasions when I targeted the wrong drive — successfully restoring the old partitioning scheme usually brings all the old files and folders back, too.

If file recovery succeeds, follow up with a disk health check

Something had to cause whatever issues led you down the recovery road. If you’ve managed to recover data through chkdsk, Windows File Recovery, or another data recovery tool, it’s a good idea to give the problem disk a thorough checkup after that’s done.

Hard drive and SSD makers often offer such tools as downloads for the drives they sell, and there are plenty of free and for-a-fee tools available for disk health checks. I’m partial to the open-source CrystalDiskInfo because it provides a good overview of a disk’s SMART data (self-monitoring, analysis and reporting technology, which includes error counts that often signal impending disk failures).

Other tools such as HD Tune Pro ($35, occasionally available for free, plus free trial) and Hard Disk Sentinel (free trial available, $20 for the standard version, $30 for the pro version) offer more detailed disk diagnosis and surface/media scans to provide better information on disk health and condition. The former took 30 minutes to scan my 3-year-old Western Digital SN810 SSD (nominal 2TB; actual 1.86TB) before giving 80% of it a clean bill of health despite heavy usage, as shown in Figure 5. (The free trial won’t scan the full disk as an inducement to buy the Pro version.)

Figure 5: The HD Tune trial version error scan covers only 80% of any disk to persuade users to buy a Pro copy.

Ed Tittel / Foundry

If a disk shows questionable health or more than 10% of its sectors are damaged, it’s time to replace it. Make a backup while you still can, order a new device, and you’ll be able to restore the backup when the replacement arrives.

Step 6: Call in the professionals

If steps 1 through 5 fail, you’ll need to seek outside help. Here’s Software Testing Help’s list of the top 10+ data recovery services for those who must travel this road.

Hopefully, you’ll never need to send a drive to a professional data recovery service. If you do, be prepared to pay handsomely for their work. Charges of $300 and up are typical. (Bigger drives cost more, as you might expect.) And it can take weeks or months to get through their service queues.

Some companies will let you send them a replacement drive on which to restore what they find. Others will insist on selling you such a drive, sometimes at above-market prices. But sometimes, there is no alternative, and you’ll pay what you must to get precious or irreplaceable files and data back.

Be sure to work out as much of the cost picture as you can before sending a drive off for recovery. You don’t want the bill, however big it turns out to be, to come as a surprise. In my 30-plus years of working with personal computers, I’ve never had to send a drive off for professional recovery. Even so, it’s good to know such services exist should one ever need them.

Personally, I learned the value of backups in 1989, when a 300MB SCSI drive attached to a Macintosh cratered. I lost a book manuscript as a result. I’ve never been caught unprotected again, nor should you be. Happy computing!

This article was originally published in June 2021 and updated in April 2025.

Kategorie: Hacking & Security

Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

The Hacker News - 24 Duben, 2025 - 12:00
A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0. "A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Google threatens employees’ jobs if they don’t come back to the office

Computerworld.com [Hacking News] - 24 Duben, 2025 - 08:05

During the pandemic, remote working was common. But many large tech companies have changed their tune in recent years, insisting that their employees to return to the office for at least part of the workweek — even when they lack adequate office space.

The latest news is that Google is now threatening to lay off employees in certain departments who are not in the office at least three days each week. For example, remote workers in the Technical Services unit were told they must choose between a hybrid work schedule and a voluntary exit package, according to CNBC. Employees in the unit who live more than 50 miles from the office will be offered financial compensation to move closer to work.

This follows an internal memo Google co-founder Sergey Brin sent in February, in which he urged employees working on the company’s Gemini AI model to be in the office every weekday and work 60 hours per week.

“Face-to-face collaboration is an important part of how we come up with new inventions and solve complex problems,” Google spokesperson Courtenay Mencini told CNBC.

Previously, tech giants Meta, IBM, Apple, Microsoft, Amazon, and Tesla, among many others, have chosen to limit the right to telework, despite numerous studies showing that RTO mandates hurt worker productivity, satisfaction, and retention.

Kategorie: Hacking & Security
Syndikovat obsah