Security News > 2022 > May

Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager security protocol. The vulnerability, tracked as CVE-2022-26925 and reported by Bertelsmann Printing Group's Raphael John, has been exploited in the wild and seems to be a new vector for the PetitPotam NTLM relay attack.

If you were in the US this time last year, you won't have forgotten, and you may even have been affected by, the ransomware attack on fuel-pumping company Colonial Pipeline. That's the sort of wall against which Colonial Pipeline found itself about 12 months ago.

Microsoft has released the Windows 11 KB5013943 cumulative update with security updates, improvements, and fixes for screen flickers in Safe Mode and a bug causing some NET 3.5 apps not to open. KB5013943 is a mandatory cumulative update as it contains the May 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.

Get lifetime access to 2TB of cloud storage for just $49 We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Everybody needs safe, secure and reliable cloud storage.

Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. Of the 75 vulnerabilities fixed in today's update, eight are classified as 'Critical' as they allow remote code execution or elevation of privileges.

Microsoft has released Windows 10 KB5013945 and KB5013942 cumulative updates for versions 21H2, version 21H1, version 20H2, and 1909 to fix security vulnerabilities and resolve bugs. This update is not available for May 2020 Update if you use the consumer edition, but the same update will be offered on devices using enterprise or education SKUs.

Finland's National Cyber Security Center has issued a warning about the FluBot Android malware infections increasing due to a new campaign that relies on SMS and MMS for distribution. The FluBot operators use SMS messages claiming to contain links to voicemail, missed call notifications, or alerts about incoming money from an unknown financial transaction.

The United Kingdom's National Cyber Security Centre has announced a new email security check service to help organizations identify vulnerabilities that could allow attackers to spoof emails or lead to email privacy breaches. The government agency, which leads the UK's cyber security mission, says the Email Security Check tool requires no sign-ups or personal details.

A years-long phishing campaign has targeted German companies in the automotive industry, attempting to infect their systems with password-stealing malware. These sites are used to send phishing emails written in German and host the malware payloads downloaded to targeted systems.

Most malware attacks now originate from the same region as the victim, according to a new report, a sign that malicious actors are changing their tactics. One such trend is that most recent malware attacks came from within the same region as the victim, a marked difference from previous years, according to Netskope, which believes this is a strategic tactic used by attackers to avoid geofencing filters and other prevention measures.