Security News

Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. Last year, Malwarebytes disclosed a campaign wherein malicious actors were observed delivering PHP-based web shells embedded within website favicons to load the skimmer code.

Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. Skimming gangs obfuscate their code snippets, inject them into image files, and masquerade them as popular web applications to evade detection.

Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers. Over the last six months, Microsoft threat researchers say they've witnessed a 254 percent spike in the malware's activity.

Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. In a new report by HP Wolf Security, researchers illustrate how PDFs are being used as a transport for documents with malicious macros that download and install information-stealing malware on victim's machines.

Microsoft is testing a new feature in the latest Windows 11 preview build that displays an Internet search box directly on the desktop. The problem is that it does not honor your default browser and only uses Bing and Microsoft Edge instead. This new feature is currently being tested with a small subset of Windows Insiders running the Windows 11 build 25120 on the 'Dev' channel.

Two of the big-news vulnerabilities in this month's Patch Tuesday updates from Microsoft were CVE-2022-26923 and CVE-2022-26931, which affected the safety of authentication in Windows. Ironically, the CVE-2022-26923 and CVE-2022-26931 bugs only seem to apply if you're using digital certificates for added authentication security.

A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use of XOR-based encryption for communications with its command-and-control server, is known to have been active since at least 2014.

Microsoft has updated the Windows Subsystem for Android in Windows 11 to make telemetry collection optional and announced an upgrade to Android 12.1. "To help us make Windows Subsystem for Android better and provide useful telemetry about Android app usage, please enable this setting in the Windows Subsystem for Android Settings app!".

Microsoft has released out-of-band updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps. This known issue affects devices running Windows 10 where users have installed the KB5011831 optional preview cumulative update or other updates released since April 25th. "After installing KB5011831 or later updates, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store," Microsoft explained on the Windows health dashboard.

Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update. Multiple administrators complained last week that after installing the May 10 patch, they experienced authentication failures across several systems.