Security News > 2022 > January

Microsoft announced today that they would be releasing new Windows 11 features next month, including a preview of the long-awaited Android Apps on Windows 11 feature, a new windows sharing feature, taskbar improvements, and redesigned Notepad and Media Player apps. "Next month we're bringing new experiences to Windows that include a public preview of how you can use Android apps on Windows 11 through the Microsoft Store and our partnerships with Amazon and Intel, taskbar improvements with call mute and unmute, easier window sharing and bringing weather to the taskbar, plus the introduction of two new redesigned apps, Notepad and Media Player," Panay shared in a new blog post.

Scammers are taking advantage of the focus on COVID-19 testing and the need for at-home test kits, says Barracuda Networks. A recent blog post from security firm Barracuda Networks looks at the rise in phishing campaigns that exploit the concerns over such testing.

Cyberattacks can impact any organization, big or small. Large enterprises are often more tempting targets due to the vast amount of lucrative data they hold.

New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania. TeaBot is a different Android banking trojan discovered in January 2021 and has a global reach.

Cisco's 2022 data privacy study finds that privacy budgets are up, and companies are seeing good return on these investments. Survey respondents cited strong support for privacy laws with 83% saying these rules have had a positive impact.

Researchers have discovered a raft of active campaigns delivering the Flubot and Teabot trojans through a variety of delivery methods, with threat actors using smishing and malicious Google Play apps to target victims with fly-by attacks in various regions across the globe. Researchers from Bitdefender Labs said they have intercepted more than 100,000 malicious SMS messages trying to distribute Flubot malware since the beginning of December, according to a report published Wednesday.

Microsoft has fixed a known issue affecting systems running Windows 11, version 21H2, where applications may have problems rendering colors correctly high dynamic range displays when using Win32 APIs. Microsoft has addressed the HDR color rendering bug with the release of Windows 11 KB5008353 cumulative update issued part of January 2022 monthly non-security "C" preview.

The BfV German domestic intelligence services warn of ongoing attacks coordinated by the APT27 Chinese-backed hacking group. This active campaign is targeting German commercial organizations, with the attackers using the HyperBro remote access trojans to backdoor their networks.

The snappily titled Government Cyber Security Strategy, wheeled out yesterday, will set UK domestic cybersecurity strategy for the next eight years. "The UK's legitimacy and authority as a cyber power is however dependent upon its domestic cyber resilience, the cornerstone of which is government and the public sector organisations that deliver the functions and services which maintain and promote the UK's economy and society," said the strategy, authored by the Cabinet Office.

In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites by exploiting vulnerabilities in Webkit, the browser engine powering Safari, and XNU, the macOS and iOS kernel. On Tuesday, ESET researchers shared their knowledge about the attacks and the results of the analysis of that final malicious payload: a macOS backdoor with many capabilities, including collecting and exfiltrating system information, executing files, starting a remote screen session, dumping the contents of the victims' iCloud Keychain, and more.