The CHRISTMA EXEC network worm – 35 years and counting!
2022-12-01 20:35

December 2022 sees the 35th anniversary of the first major self-spreading computer virus - the infamous CHRISTMA EXEC worm that temporarily crushed the major mainframe networks of the day. Not by any deliberately coded side-effects such as file scrambling or data deletion, but simply by leeching too much network bandwidth for its own unauthorised purpose.

Google warns of commercial Heliconia spyware hitting Chrome, Firefox, Microsoft Defender
2022-12-01 20:30

Google's Threat Analysis Group said on Wednesday that its researchers discovered commercial spyware called Heliconia that's designed to exploit vulnerabilities in Chrome and Firefox browsers as well as Microsoft Defender security software. The three components perform the following functions: Heliconia Noise is a web framework for deploying an exploit for a Chrome renderer bug followed by a sandbox escape; Heliconia Soft is a web framework that deploys a PDF containing a Windows Defender exploit; and Files is a set of Firefox exploits for Linux and Windows.

FBI: Cuba ransomware raked in $60 million from over 100 victims
2022-12-01 20:09

The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies warned today.

How to run better meetings with new Microsoft Teams tools
2022-12-01 20:09

There are also more security options for what Teams product marketing director Caroline Stanford called "cone of silence" meetings at the recent Microsoft Ignite conference; those are the digital version of board meetings, financial planning meetings or reviews of unannounced products in the office "with the blinds closed and the door locked." Plus, you can use Microsoft Purview Information Protection sensitivity labels to apply the right settings for specific kinds of meetings.

S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]
2022-12-01 19:58

Once you'd authorised it, it was able to read your files, and because it could read your files, it could get the list of all the people you normally corresponded with from your so-called nicknames or NAMES file, and blasted itself out to all of them. DUCK. People you'd never heard from for a couple of years, suddenly they would be all over your mailbox!

New Redigo malware drops stealthy backdoor on Redis servers
2022-12-01 18:45

A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. Today, AquaSec reports that its Redis honeypots vulnerable to CVE-2022-0543 caught a new piece of malware that is not detected as a threat by antivirus engines on VirusTotal.

Unpatched Redis servers targeted in new Redigo malware attacks
2022-12-01 18:45

A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. Today, AquaSec reports that its Redis honeypots vulnerable to CVE-2022-0543 caught a new piece of malware that is not detected as a threat by antivirus engines on VirusTotal.

Brave starts showing "privacy-preserving" ads in search results
2022-12-01 18:24

According to the company, all "Private search ads" shown by Brave Search throughout this beta test will be clearly marked and will not be linked to users' identity. "By design, Brave Search ads are anonymous, clearly marked, and follow Brave's commitment to putting users first, and to ethical and transparent advertising practices," Brave said.

Microsoft: KB5020044 makes Task Manager partially unreadable
2022-12-01 17:28

Microsoft says that parts of the Task Manager might become unreadable for some customers after installing this month's KB5020044 preview update for Windows 11 22H2 systems. On affected devices, users might see that some user interface elements of the Task Manager are being shown using unexpected colors, making them unreadable.

New DuckLogs malware service claims having thousands of ‘customers’
2022-12-01 16:19

A new malware-as-a-service operation named 'DuckLogs' has emerged, giving low-skilled attackers easy access to multiple modules to steal information, log keystrokes, access clipboard data, and remotely access the compromised host. It claims to have thousands of cybercriminals paying a subscription to generate and launch more than 4,000 malware builds.