🪟 “Faster Start, Search, Action Center” in an Experimental build = Microsoft finally admits the problem is how it feels, not just benchmarks. Welcome to latency therapy. #Windows #Microsoft #InsiderPreview windowsforum.com/threads/win… #TaskScheduler #InsiderPreview #Windows11
6
🪟 Build 28020.2298 is the “nothing to see here” update: Screen tint tiny Scheduler fix. The real flex? Microsoft sanding daily pain while quietly expanding accessibility. #Windows #Insider #Microsoft #Windows11 windowsforum.com/threads/win… #TaskScheduler #Windows11Insider
14
#threatreport #HighCompleteness Detecting Nimbus Manticore and their sideloading infection chains | 01-06-2026
Source: nextron-systems.com/2026/06/…
Key details below ↓
🧑‍💻Actors/Campaigns: Tortoiseshell
💀Threats: Dllsearchorder_hijacking_technique, Appdomain_hijacking_technique, Asyncrat, Junk_code_technique, Supply_chain_technique
🎯Victims: Aerospace, Defense
🏭Industry: Aerospace, Bp_outsourcing, Financial
🌐Geo: Iran, Middle east
📚TTPs: ⚔️Tactics: 1 🛠️Technics: 0
🤖LLM extracted TTPs: T1027, T1027.016, T1036, T1036.003, T1071.001, T1090, T1204.002, T1564.001, T1566.002, T1574.001, ...
🧨IOCs: - Url: 1 - File: 3 - Hash: 10 - Domain: 11
💽Software: Microsoft Visual Studio, Microsoft Word
🔢Algorithms: aes, zip
🔠Functions: TaskScheduler, CheckForUpdates
🗂️Win API: LoadLibrary, NtGlobalFlag
YARA: Found
#threatreport: The incident described highlights operations attributed to the Iran-nexus APT group Nimbus Manticore (also known as UNC1549 or Smoke Sandstorm), which primarily targets aerospace and defense sectors in the Middle East and Europe. This group utilizes sophisticated social engineering tactics, such as impersonating a legitimate headhunter on LinkedIn to lure victims into fake recruitment processes. Their phishing attempts include well-crafted PDFs and a legitimate-looking hiring portal, which eventually lead to the deployment of malware disguised as a two-factor authentication application. The malware employs a sideloading infection chain leveraging DLL search order hijacking and AppDomain hijacking techniques. In this instance, the malware payload is delivered in a ZIP file containing a renamed Microsoft Visual Studio component (setup.exe), which, upon execution, uses a manipulated configuration file to load an attacker-controlled assembly (TOTPGuard.dll). This setup is designed to remain inconspicuous, as the payload is signed by Microsoft and blends in with normal application behavior, thereby avoiding detection.
Throughout their campaigns, Nimbus Manticore has exhibited a pattern of increasing obfuscation within their malware. The payload analyzed featured complex code obfuscation techniques, including opaque predicates and dynamic jump calculations, aimed at hindering static analysis and reverse engineering efforts. While previous implant functionalities have remained largely consistent, the enhancements in obfuscation suggest the operators are adapting to detection methodologies and improving their evasion tactics. The command-and-control (C2) infrastructure predominantly relies on Azure-hosted domains, which benefit from a trusted reputation and make adversarial traffic less likely to trigger alarms in environments accustomed to Azure services. Detection strategies have been proposed, emphasizing the analysis of domain age as a potential indicator of threat activity. Stricter access controls to new domains, particularly in sensitive business units, could mitigate exposure. To counteract these tactics, organizations are encouraged to adopt comprehensive security awareness training that covers phishing beyond email and emphasizes recognizing social engineering attacks via platforms like LinkedIn. Detecting suspicious behaviors, such as anomalous sideloading techniques and unusual application configurations, is crucial for defense against the evolving strategies of threat actors like Nimbus Manticore. Overall, while the fundamental behavior of this group remains stable, their operational sophistication continues to pose substantial challenges for cybersecurity defenses.
1
2
120
🚀Spring Boot: Use TaskScheduler to implement lightweight dynamic tasks (consider Quartz for more complex requirements). #SpringBoot #SoftwareDevelopment
9
79
2,534
i just checked it's safe, same like endfield tools they're only accessing ur hypergryph folder, there's no taskscheduler command or anything malicious
2
5
829
/2 #APT36 Aboutus.dll #TaskScheduler bb760d70877f8b61a6578bd82412bfaf DonateUs.dll #ProcessEnum a9505870686301c9ab2fe68c287817c1 Funds Under Capital & Revenue Head (FY-2025-26) - HQ SWAC UPDATED_LIST_LTC_CLAIMS_177A an_introduction_to_indian_government_accounts_and_audit_1930
5
1,281
💡Spring Boot tip: Use TaskScheduler to implement lightweight dynamic tasks (consider Quartz for more complex requirements). #SpringBoot #JavaDev 🧵Text example to follow:
2
12
75
2,370
Maybe someone has a damn clue about #WindowsServer2025 and that messed up #TaskScheduler I’m planning to launch a #PowerShell every single day at 8:00 p.m. The task already starts but it doesn’t execute the script even running with highest privileges. Is it something related to write access to a folder? Damn just gimme #Linux and a crontab and it will work. ANY clue somebody? Thanks in advance? Yes damn that’s my job.
1
3
43
29 Sep 2025
#Booking 👇 Pdf>url>js>url>ps1>taskscheduler>ps1 👇 #Rhadamanthys 👇 account.bo0king.]co 👇 potalgonabunbunsed.blogspot.]com/ atom.xml i.pdf (ps1) 👇 hotelsep.blogspot.]com puddi.pdf (ps1) atom.xml 👇 stego ⛔️185.196.9.]212/master/5208wlg6.vnad9 Samples bazaar.abuse.ch/browse/tag/1…
4
13
47
8,307
Another week, another #Cybertember postcard! 💌 Today, I’m keynoting the 30th edition of @NTkonferenca - the largest business and technology conference in Slovenia. I’m really excited to be part of this event again - another year in a row! 🙌 My keynote isn’t the only occasion to meet today - you can also join one of my two lectures on Incident Response planning and Active Directory security. And a couple of technical insights from my session, for example how to find the malicious scheduled task. There you go:
- Event ID 4698 Scheduled task created. (Look for the task name, author, and command line.)
- Event ID 4699 Scheduled task deleted.
- Event ID 4624 Successful logon on either host (check LogonType).
- Scheduled tasks create a batch and sometimes service logon (LogonType 4 and 5).
- Network/remote authentications will show LogonType 3 or 10 depending on method.
- Event ID 4648 A logon was attempted using explicit credentials (useful for detecting credential usage).
- Event ID 4688 New process created (watch for schtasks.exe, powershell.exe, cmd.exe, at.exe, taskeng.exe, or custom loader binaries).
- Task Scheduler (Operational) channel - Task Registered / Task Started (TaskScheduler/Operational logs), task action string containing powershell.exe -enc, cmd.exe /c, or schtasks /create /run.
- Process parent/child chains - services.exe / taskeng.exe → powershell.exe / cmd.exe → network utilities (e.g., wmic, psexec, net.exe).
- File system - dropped tools in C:\Windows\Tasks, C:\Windows\Temp, C:\Users\<user>\AppData\....
- Network telemetry - SMB (445), WinRM (5985/5986), RPC endpoints, remote PowerShell sessions, connections from Host-A to Host-B shortly after task run.
- Token/process access events - if EDR records token duplication or process handle access, look for SeImpersonatePrivilege abuse or OpenProcess DuplicateToken calls.
Who’s also here to chat about cybersec?
Also, remember about our CQURE Newsletter, where we share free knowledge & webinars, and upcoming conferences 👉news.cqureacademy.com/sign-u… After signing up, you’ll get FREE ACCESS to 6 modules of our 1-Day Introduction to Threat Hunting, and if we reach 2000 new subscribers, we’ll additionally unlock ONE MORE EXTRA hour of the video material 🔓 P.S. Just look at this view of the Adriatic - I’m stunned by the beauty of Portorož 🌊 #NTkonferenca #NTkonferenca2025 #CQUREacademy #OnTheRoad #Cybersecurity
1
8
554
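The event IDs listed in the post above, turned into a small triage pass; this is an added example, not code from the post or its author. The flattened event fields (`task`, `action`, `logon_type`), the 10-minute window and the delete-soon-after-create heuristic are assumptions, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), already parsed into dicts.
# Real 4698 events carry the action inside TaskContent XML; "action" is a
# hypothetical flattened field used here for illustration.
EVENTS = [
    {"time": "2025-09-29T19:58:40", "id": 4624, "host": "HOST-B",
     "user": "svc_backup", "logon_type": 3},
    {"time": "2025-09-29T19:59:02", "id": 4698, "host": "HOST-B",
     "user": "svc_backup", "task": "\\Updater",
     "action": "powershell.exe -enc <placeholder>"},
    {"time": "2025-09-29T20:01:10", "id": 4699, "host": "HOST-B",
     "user": "svc_backup", "task": "\\Updater"},
    {"time": "2025-09-29T21:00:00", "id": 4698, "host": "HOST-C",
     "user": "admin", "task": "\\Defrag",
     "action": "C:\\Windows\\System32\\defrag.exe C: /O"},
]

# Action-string indicators taken from the post's list.
SUSPICIOUS = [
    (re.compile(r"powershell(\.exe)?\s+.*-enc", re.I), "encoded PowerShell action"),
    (re.compile(r"cmd(\.exe)?\s+/c", re.I), "cmd.exe /c action"),
    (re.compile(r"\\Windows\\(Tasks|Temp)\\|\\AppData\\", re.I),
     "action runs from a drop directory"),
]

def triage(events, window=timedelta(minutes=10)):
    """Return (host, task, reasons) for each 4698 that has any indicator."""
    events = sorted(events, key=lambda e: e["time"])
    findings = []
    for ev in (e for e in events if e["id"] == 4698):
        created = datetime.fromisoformat(ev["time"])
        reasons = [label for rx, label in SUSPICIOUS if rx.search(ev["action"])]
        for other in (o for o in events if o["host"] == ev["host"]):
            delta = datetime.fromisoformat(other["time"]) - created
            # Remote logon (LogonType 3 or 10) by the same user just before.
            if (other["id"] == 4624 and other["user"] == ev["user"]
                    and other.get("logon_type") in (3, 10)
                    and timedelta(0) <= -delta <= window):
                reasons.append(
                    f"remote logon (type {other['logon_type']}) shortly before creation")
            # Same task deleted (4699) soon after it was created.
            if (other["id"] == 4699 and other.get("task") == ev["task"]
                    and timedelta(0) <= delta <= window):
                reasons.append("task deleted shortly after creation")
        if reasons:
            findings.append((ev["host"], ev["task"], reasons))
    return findings
```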
💡Spring Boot tip: Use TaskScheduler to implement lightweight dynamic tasks (consider Quartz for more complex requirements).
✅ Inject it and use it:
    ...
    @Autowired
    TaskScheduler scheduler;

    scheduler.schedule(
        () -> System.out.println("Hello!"),
        new CronTrigger("0 */5 * * * *") // every 5 min
    );
    ...
The injected bean is a ThreadPoolTaskScheduler, a built-in implementation of both TaskScheduler and ScheduledExecutorService.
✅ You can customize its configuration if you want:
    @Configuration
    @EnableScheduling
    public class SchedulerConfig {
        @Bean
        public TaskScheduler taskScheduler() {
            ThreadPoolTaskScheduler scheduler = new ThreadPoolTaskScheduler();
            scheduler.setPoolSize(5);
            scheduler.setThreadNamePrefix("my-scheduler-");
            scheduler.initialize();
            return scheduler;
        }
    }
#Java #SpringBoot
1
14
478
28 Jul 2025
Replying to @KooKiz @STeplyakov
Amen. I hate what this has done to the TaskScheduler API. I had to make a custom TaskScheduler for @DidactPlatform , and I had to account for this. Every background job runs on my custom TaskScheduler, but any calls to ConfigureAwait(false) auto-escape my TaskScheduler for the duration of that job until the TaskScheduler is “recaptured” by the next job. It’s like barely anyone in .NET ever thinks about TaskSchedulers. I wish they had done something different than tell people to throw this thing around everywhere.
2
70
28 Jul 2025
Replying to @STeplyakov
What makes me sad is it completely ruined the TaskScheduler API. If you implement a custom task scheduler, code from most libraries (or even the BCL) will "escape" from it and return to the threadpool. IMO ConfigureAwait should have only ignored the SynchronizationContext.
2
10
802
15 Jul 2025
Seismic Network is fundamentally different from most other ZK (zero-knowledge) projects because it is not just another prover or scaling solution. It is building a general-purpose, ZK-secured coordination and automation network: a ZK-aware execution layer, not just a computation layer. Here’s what sets @SeismicSys apart:
1. ZK Coordination, Not Just Computation
Most ZK projects focus on:
• Proving (e.g., zkSync, Polygon zkEVM, Scroll)
• Privacy (e.g., Aztec, Aleo)
• Offchain compute proofs (e.g., RISC Zero, zkWASM projects)
Seismic focuses on:
• Coordinating and enforcing behavior across actors, like bots, agents, or smart contracts.
• Think of it as a decentralized “TaskScheduler TruthOracle”, using ZK to ensure tasks are executed fairly and verifiably.
2. “Truth as a Service” (TaaS)
Seismic offers a unique primitive: ZK-verified coordination guarantees.
• Developers can request a truth check on actions, behavior, or workflows.
• Seismic then provides cryptographic evidence that something happened or didn’t.
This is not just about verifying computation, but verifying coordination, like:
• Did this bot check liquidity across all venues?
• Did this MEV strategy follow the agreed plan?
• Did this keeper execute the job only when conditions were met?
3. Composable with AI, DeFi, Onchain Agents
Seismic is built to:
• Work with AI agents, enabling them to act with ZK-verified autonomy.
• Plug into DeFi protocols to ensure offchain coordination is onchain-verifiable.
• Offer guarantees that bots or relayers didn’t cheat, front-run, or deviate.
Where other ZK projects say: “We can prove this computation is correct,” Seismic says: “We can prove the actor did what they were supposed to, and when.”
4. ZK as a Coordination Primitive
Seismic isn’t about building the fastest prover or the most private chain; it's about building trust in decentralized workflows.
That’s a very different vision than:
• zk-rollups (scaling)
• privacy chains (hiding data)
• ZKML (proving AI inference)
Seismic is closest in spirit to a ZK middleware for agents, coordination, and workflow guarantees. @lyronctk @xealistt @NoxxW3 @heathcliff_eth @xplanettt
2
12
334
🚨 Don’t leave your break glass account unmonitored! Automate sign-in tracking with PowerShell and Task Scheduler and get email alerts in real time. 👉 o365reports.com/2025/07/08/s… #Microsoft365 #BreakGlassAccount #PowerShellScript #TaskScheduler #EmailAlerts #O365Reports
2
120
Replying to @MuseumCommodore
Reading the disassembled exec was an eye-opener. Later at university we wrote our own taskscheduler. I still imagine having features arexx gave us, where we could control multiple programs in one script.
1
2
104