Security News > 2021 > September

Microsoft accidentally broke the Start menu and taskbar on systems of Windows Insiders after pushing a Teams promo to the desktops of users running Windows 11 preview builds. While the company didn't explain why Dev and Beta Channel Insiders found the Start menu and taskbar unresponsive and had issues accessing other OS areas, including Settings, developer Daniel Aleksandersen discovered that a buggy promo deployment caused the problem.

S3 Ep48: Cryptographic bugs, cryptocurrency nightmares, and lots of phishing [Podcast]. Oh! No! The Windows desktop that got so big it imploded.

Fail2ban is one of the first pieces of software I install on Linux servers. I'm going to walk you through that very thing, demonstrating the process that will help you get fail2ban installed on either Rocky Linux or AlmaLinux.

The coronavirus pandemic presented the perfect opportunity for security teams to evaluate the state of their incident-response process. According to a survey conducted by Red Canary, Kroll and VMware in partnership with Wakefield Research, 45 percent of security leaders said their security spending will either stay the same or decrease over the next twelve months.

The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows. That's according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing "Windows 11 Alpha" - the "Insider Preview" version of the upcoming Windows 11 operating system from Microsoft.

US Cyber Command has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately. The USCYBERCOM unit also stressed the importance of patching vulnerable Confluence servers as soon as possible: "Please patch immediately if you haven't already- this cannot wait until after the weekend."

A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. As first noticed by security researcher vx-underground, an alleged member of the Babuk group released the full source code for their ransomware on a popular Russian-speaking hacking forum.

Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG.

Infosec firm Rapid7 has joined the chorus of voices urging reform to the UK's Computer Misuse Act, publishing its detailed proposals intended to change the cobwebby old law for the better. "It's worth noting that neither the National Crime Agency or the CPS seem to be recklessly pursuing frivolous investigations or prosecutions of good-faith security research. Nonetheless, the current legal language does expose researchers to legal risk and uncertainty, and it would be good to see some clarity on the topic," said Rapid7 in a blog post published over the sleepy summer period.

The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. ProxyShell is the name of an exploit utilizing three chained Microsoft Exchange vulnerabilities that allow unauthenticated, remote code execution on unpatched vulnerable servers.