Microsoft now force installing Windows 11 23H2 on eligible PCs
2024-02-22 20:49

Microsoft has started force installing Windows 11 23H2 on eligible devices that have reached or are close to their end-of-servicing date. The Windows 11 23H2 forced rollout phase announced by Redmond this week comes after systems running multiple editions of Windows 11 21H2 were automatically updated to Windows 11 22H2 before they reached the end of support on October 11.

Authorities dismantled LockBit before it could unleash revamped variant
2024-02-22 19:45

Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals. As part of the daily LockBit leaks this week, Trend Micro's report on the group, published today, analyzed a cross-platform version researchers believe was being designed to succeed the most recent LockBit 3.0 iteration.

Bitwarden’s new auto-fill option adds phishing resistance
2024-02-22 19:12

The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields. A few days later, the Bitwarden team announced they would add another layer of safety, allowing iframe auto-fills only on trusted sites and subdomains from the origin domain.

6 Best Open Source IAM Tools in 2024
2024-02-22 18:49

IAM tools help organizations secure and manage user identities and access to resources, ensuring only authorized individuals gain access. Keycloak adheres to standard protocols such as OpenID Connect, OAuth 2.0 and SAML and provides fine-grained authorization services that support different access control mechanisms like attribute-based access control, role-based access control, user-based access control, rule-based access control and context-based access control.

New ScreenConnect RCE flaw exploited in ransomware attacks
2024-02-22 18:34

Update February 23, 07:02 EST: Sophos published a report today saying that the ransomware payloads they spotted were built using the LockBit ransomware builder leaked online by a disgruntled malware developer in late September 2022. "On February 22, 2024, Sophos X-Ops reported through our social media handle that despite the recent law enforcement activity against the LockBit threat actor group we had observed several attacks over the preceding 24 hours that appeared to be carried out with LockBit ransomware, built using a leaked malware builder tool," Sophos explained.

ScreenConnect servers hacked in LockBit ransomware attacks
2024-02-22 18:34

Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on compromised networks. Today, Sophos X-Ops revealed that threat actors have been deploying LockBit ransomware on victims' systems after gaining access using exploits targeting these two ScreenConnect vulnerabilities.

5 Best Free Password Managers for 2024
2024-02-22 17:24

There are decent free password managers out there that can help you secure your passwords without shelling out a monthly fee. In this article, we give you a rundown of the best free password managers available today.

New Image/Video Prompt Injection Attacks
2024-02-22 17:08

Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it's really impressive. Which means a lot of scary new video prompt injection attacks.

FTC to ban Avast from selling browsing data for advertising purposes
2024-02-22 16:48

The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the users' web browsing data or licensing it for advertising purposes. [...]

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
2024-02-22 16:25

Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the...