Security News > 2023 > October

Microsoft says Windows 10 security updates released during this month's Patch Tuesday may fail to install with 0x8007000d errors, although initially displaying progress. On systems affected by this known issue running client platforms, the KB5031356 security update will fail to complete installation.

Shadow, which hosts Windows PC gaming in the cloud among other services, has confirmed criminals stole a database containing customer data following a social-engineering attack against one of its employees. Customers can also access remote PC instances for development work and other tasks as well as cloud storage.

Kwik Trip has been impacted by a wide range of mysterious business disruptions since this weekend that are indicative of a ransomware attack. Kwik Trip is a US chain of over 800 convenience stores and gas stations in Michigan, Minnesota, and Wisconsin, also operating under the name Kwik Star in Illinois, Iowa, and South Dakota.

An early ransomware campaign exploiting the vulnerability in Progress Software's WS FTP Server was spotted this week by security researchers. Sophos X-Ops revealed on Thursday that its customers have been targeted by ransomware criminals who lifted their code from LockBit 3.0, which was leaked last year, shortly after this latest strain was created.

Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. [...]

Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain contracts to hide malicious scripts in the blockchain. The threat actors responsible for this campaign previously used compromised WordPress sites that redirected to Cloudflare Worker hosts for injecting malicious JavaScript into hacked websites, but later pivoted to abusing blockchain systems that provide a far more resilient and evasive distribution channel.

Perceived weaknesses in the security of Microsoft's Visual Studio IDE are being raised once again this week with a fresh single-click exploit. Following the 2021 targeting of security researchers by North Korea's state-sponsored offensive cyber group Lazarus, Microsoft rolled out trusted locations to prevent malicious Visual Studio projects being used to achieve remote code execution.

The U.S. Cybersecurity and Infrastructure Security Agency has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware gangs, aiming to help critical infrastructure organizations thwart their attacks. Since its inception, CISA's RVWP has identified and shared details of over 800 vulnerable systems with internet-accessible vulnerabilities frequently targeted by various ransomware operations.

Opinion: When I was in Bilbao recently for the Open Source Summit Europe event, the main topic of conversation was the European Union's Cyber Resilience Act. Why? Because pretty much everyone with an open source clue sees it as strangling open source software development.

European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called...