Security News

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named FalseFont to individuals working for organizations in the Defense Industrial Base sector," the company said.

Microsoft is deprecating Defender Application Guard for Edge for Business users. Microsoft Defender Application Guard blocks potential threats by opening them in a secure sandbox using hardware-based virtualization.

In an audit [PDF] published Tuesday, the OIG found NASA has a "Comprehensive privacy program that includes processes for determining whether information systems collect, store, and transmit PII; publishing System of Records Notices; and providing general privacy training to its workforce." That's a welcome assessment, given NASA employs around 16,000 people and - as with all government agencies - collects PII about them and the contractors, partners, and members of the public it engages.

Microsoft has fixed a known issue causing Wi-Fi network connectivity problems on Windows 11 systems triggered by recently released cumulative updates. Microsoft resolved this widespread known issue through Known Issue Rollback, a Windows feature that helps reverse flawed non-security updates delivered via Windows Update.

Microsoft has confirmed that some Windows 11 devices experience Wi-Fi connectivity issues after installing recent cumulative updates. "Microsoft has received reports of an issue in which some Wi-Fi adapters might not connect to some networks after installing KB5032288," Redmond said in a new update to the Windows release health hub.

Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors. The four flaws discovered by Microsoft mainly involve denial of service issues, with the most severe allowing arbitrary remote code execution as LocalSystem by unauthenticated attackers.

Microsoft has released a new troubleshooter tool to fix an issue where the HP Smart app would automatically install on Windows after renaming all printers to HP LaserJet M101-M106. Customers have reported experiencing this issue on various online social networks and Microsoft's own community website since late November. Over the weekend, the company released a Microsoft Printer Metadata Troubleshooter Tool to help admins and users address this printing issue.

After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting Windows Protected Print Mode. For years, the Windows print system has been a key target for attackers because the Windows Print Spooler service/process has high privileges that can be exploited to execute malicious files.

Microsoft announced a new Windows Protected Print Mode, introducing significant security enhancements to the Windows print system. "WPP builds on the existing IPP print stack where only Mopria certified printers are supported, and disables the ability to load third-party drivers. By doing this, we can make meaningful improvements to print security in Windows that otherwise could not happen," said Johnathan Norman, Microsoft Offensive Research & Security Engineering principal engineer manager.

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and...