Security News > 2023 > April

Google sues CryptBot slingers, gets court order to shut down malware domains
2023-04-27 23:04

Google said it obtained a court order to shut down domains used to distribute CryptBot after suing the distributors of the info-stealing malware. The court granted Google a temporary restraining order, which allowed it to shut down the bot operators' internet infrastructure.

Microsoft is busy rewriting core Windows code in memory-safe Rust
2023-04-27 20:45

Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. Microsoft showed interest in Rust several years ago as a way to catch and squash memory safety bugs before the code lands in the hands of users; these kinds of bugs were at the heart of about 70 percent of the CVE-listed security vulnerabilities patched by the Windows maker in its own products since 2006.

S3 Ep132: Proof-of-concept lets anyone hack at will
2023-04-27 19:55

DOUG. Remote code execution, remote code execution, and 2FA codes in the cloud. The remote code execution bug they patched at the end of March 2023.

Android Minecraft clones with 35M downloads infect users with adware
2023-04-27 19:42

A set of 38 Minecraft copycat games on Google Play infected devices with the Android adware 'HiddenAds' to stealthily load ads in the background to generate revenue for its operators. Minecraft is a popular sandbox game with 140 million monthly active players, which numerous game publishers have attempted to recreate.

Microsoft: Windows 10 22H2 is the final version of Windows 10
2023-04-27 18:06

Microsoft says Windows 10, version 22H2 will be the last feature update to be released for the Windows 10 operating system. Windows 10 22H2 reached general availability in October 2022 and entered broad deployment on November 18, 2022.

Google banned 173K developer accounts to block malware, fraud rings
2023-04-27 17:13

Google says it banned 173,000 developer accounts in 2022 to block malware operations and fraud rings from infecting Android users' devices with malicious apps. "In 2022, we prevented 1.43 million policy-violating apps from being published on Google Play in part due to new and improved security features and policy enhancements - in combination with our continuous investments in machine learning systems and app review processes," the Google Security team said.

Linux version of RTM Locker ransomware targets VMware ESXi servers
2023-04-27 16:20

RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on VMware ESXi servers. At the time, Trellix and MalwareHunterTeam had only seen a Windows ransomware encryptor, but as Uptycs reported yesterday, RTM has expanded its targeting to Linux and VMware ESXi servers.

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
2023-04-27 15:56

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. CryptBot is estimated to have infected over 670,000 computers in 2022 with the goal of stealing sensitive data such as authentication credentials, social media account logins, and cryptocurrency wallets from users of Google Chrome.

Microsoft fixes Outlook issue blocking access to emails, calendars
2023-04-27 15:36

Microsoft has addressed a known issue affecting Outlook for Microsoft 365 customers that prevented them from accessing group mailboxes and calendars using the Outlook desktop client. "A recent standard service update inadvertently contains an authentication code regression which is resulting in some users being unable to access or perform various Microsoft 365 group actions in the Outlook desktop client," the company described the issue under EX540503 in the Microsoft 365 admin center.

New Atomic macOS info-stealing malware targets 50 crypto wallets
2023-04-27 14:34

A new macOS information-stealing malware named 'Atomic' is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month. For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, passwords, cookies, and credit cards stored in browsers.