Security News > 2023 > April

Integrating the Local Administrator Password Solution into Windows and Windows Server that came with updates earlier this week is causing interoperability problems with what's called legacy LAPS, Microsoft says. Redmond touted the LAPS integration in the April 11 KB5025224 and KB5025239 cumulative updates, writing that "Windows LAPS is a huge improvement in virtually every area beyond Legacy LAPS.".

Cybersecurity firm Darktrace says it found no evidence that the LockBit ransomware gang breached its network after the group added an entry to their dark web leak platform, implying that they stole data from the company's systems. Hours after the gang claimed DarkTrace as a victim on their data leak site, the company conducted an investigation and found no evidence of a breach of their systems.

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.

The Russia-linked APT29 threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. Nobelium's operations have been attributed to Russia's Foreign Intelligence Service, an organization that's tasked with protecting "Individuals, society, and the state from foreign threats."

WhatsApp will be rolling out three new security features in the coming months, to provide users with increased privacy and control over their messages and to help prevent unauthorized account access and takeover. WhatsApp's new check when moving account to another phone.

The study is built upon 10 million posts on encrypted platforms and other kinds of data dredged up from the deep, dark and clear web. Across the dark web onion sites, the total number of forum posts and replies decreased by 13% between 2021 and 2022, dropping from over 91.7 million to around 79.1 million.

The same unbalanced,"Wear and slop" applies to many systems even software not just mechanical systems. These can and frequently do carry "Information" impressed / modulated upon them out of the confines of a system.

Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages.What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace.

As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing ts own free digital ID technology to companies and their employees on LinkedIn. Verified ID is a managed identify verification service that is part of Microsoft's Entra product portfolio, an umbrella unit created last year that covers all of the vendor's identity and access capabilities.

The spoofed email is cleverly crafted to look as legitimate as possible: it contains the Zelle logo, grammatically correct text, and an authentic link to the firm's web page at the bottom of the email, in the "Security and privacy" footer. What distinguishes this malicious email from legitimate ones is the sender's email address, which is obviously not related to Zelle.