Security News > 2023 > April

Microsoft is investigating an interoperability bug between the recently added Windows Local Administrator Password Solution feature and legacy LAPS policies. Windows LAPS helps admins manage passwords for local administrator accounts on Azure Active Directory-joined or Windows Server Active Directory-joined devices by automatically rotating and backing them up to AD domain controllers.

DOUG Patches aplenty, connected garage doors, and motherboard malfeasance. DUCK I am still trying to make sense of when you said "Connected garage doors", Doug.

Windows 11 is getting a new privacy setting that allows users to control whether applications can detect when actively interacting with the device. The new privacy setting is called 'Presence sensing' and allows you to configure whether applications can use APIs to determine if a user is active or inactive in Windows.

Microsoft is working on fixing an issue affecting some Outlook for Microsoft 365 customers and preventing them from accessing emails and their calendars. "After updating to Outlook Version 2303 Users may be unable to view or access Microsoft 365 group calendars and email messages in Outlook Desktop," the company said in a support document published on Thursday.

Dutch Police is sending emails to former RaidForums members, asking them to delete stolen data and stop illegal cyber activities and warning that they are not anonymous. Yesterday, the Dutch National Police announced that they sent thousands of emails, hundreds of letters, and conducted stop calls on RaidForums members to warn them that their actions are illegal and that they are being monitored by law enforcement.

"The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules," cybersecurity firm Trellix said in a report shared with The Hacker News. Attack chains mounted by the group have since evolved to deploy a ransomware payload on compromised hosts.

The security researchers found that Google Play threats and Android phone infections are big business. A Google Play developer account can be bought for around $60-$200 USD depending on account characteristics such as the number of developed apps or the number of downloads.

Europol and Eurojust announced today the arrest of five individuals believed to be part of a massive online investment fraud ring with at least 33,000 victims who lost an estimated €89 million. The fraudulent operation lured investors through web and social media banner ads, tricking their targets into committing small amounts of up to €250 as initial investments by promising big profits.

Europol and Eurojust announced today the arrest of five individuals believed to be part of a massive online investment fraud ring with at least 33,000 victims who lost an estimated €89 million. The fraudulent operation lured investors through web and social media banner ads, tricking their targets into committing small amounts of up to €250 as initial investments by promising big profits.

Poland's Military Counterintelligence Service and its Computer Emergency Response Team have linked APT29 state-sponsored hackers, part of the Russian government's Foreign Intelligence Service, to widespread attacks targeting NATO and European Union countries. The attackers have targeted diplomatic personnel using spear phishing emails impersonating European countries' embassies with links to malicious websites or attachments designed to deploy malware via ISO, IMG, and ZIP files.