Security News

Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control security framework, which enables users to configure the privacy settings of their apps and provide access to protected files and app data.

Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control technology to access users' protected data. The Microsoft 365 Defender Research Team has reported the vulnerability dubbed powerdir to Apple on July 15, 2021, via the Microsoft Security Vulnerability Research.

Microsoft has acknowledged an issue triggered by a Windows 10, version 21H2 security update released during the December 2021 Patch Tuesday that leads to search issues in Outlook for Microsoft 365. "After you install update KB5008212, recent emails may not appear in search results," Microsoft explained in a recently published Office support document.

Microsoft says zero-touch onboarding for Microsoft Defender for Endpoint on iOS is now available in public preview, allowing enterprise admins to silently install Defender for Endpoint automatically on enrolled devices. "With this new capability, enterprises can now deploy Microsoft Defender for Endpoint on iOS devices that are enrolled with Microsoft Endpoint Manager automatically, without needing end-users to interact with the app," Microsoft explained.

An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and Microsoft's digital signature verification to siphon user credentials and sensitive information. "The malware then exploits Microsoft's digital signature verification method to inject its payload into a signed system DLL to further evade the system's defenses."

A new malware campaign is taking advantage of a vulnerability in the way Microsoft digitally signs a specific file type. As described on Wednesday by cyber threat intelligence firm Check Point Research, an attack using the infamous Zloader banking malware aims to steal account credentials and other private data and has already infected 2,170 unique machines that downloaded the malicious DLL file involved in the exploit.

Threat actors are exploiting Microsoft's digital signature verification to steal user credentials and other sensitive information by delivering the ZLoader malware, which previously has been used to distribute Ryuk and Conti ransomware, researchers have found. Researchers at Check Point Research discovered the cybercriminal group Malsmoke delivering the campaign, which they traced back to November 2021, according to a report posted online Wednesday.

The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. In terms of quality at the point of release, Halo Infinite has stepped out as the clear winner.

A new Zloader campaign exploits Microsoft's digital signature verification to deploy malware payloads and steal user credentials from thousands of victims from 111 countries. Zloader is a banking malware first spotted back in 2015 that can steal account credentials and various types of sensitive private information from infiltrated systems.

Threat actors vigorously launched exploit attempts and testing during the last weeks of December, Microsoft said on Monday, in the latest update to its landing page and guidance around the flaws in Apache's Log4j logging library. To evade detection, attackers are mixing up the request patterns: For example, Microsoft has seen exploit code written that runs a lower or upper command within the exploitation string.