Security News

Windows 11 KB5040527 update fixes Windows Backup failures
2024-07-25 18:40

Microsoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, which includes fixes for Windows Backup and upgrade failures. The July 2024 non-security preview update fixes an issue that sometimes caused Windows backups to fail on devices with an Extensible Firmware Interface system partition.

The CrowdStrike Outage and Market-Driven Brittleness
2024-07-25 18:37

The market rewards short-term profit-maximizing systems, and doesn't sufficiently penalize such companies for the impact their mistakes can have. The asymmetry of costs is largely due to our complex interdependency on so many systems and technologies, any one of which can cause major failures.

US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
2024-07-25 17:17

The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker identified as Rim Jong Hyok. Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the United States.

Uncle Sam accuses telco IT pro of decade-long spying campaign for China
2024-07-25 17:15

"The MSS often uses 'cooperative contacts' located in countries outside of the PRC in furtherance of their intelligence goals, which include obtaining information concerning foreign corporate or industrial matters, foreign politicians or intelligence officers, and information concerning PRC political dissidents residing in those countries," the Department of Justice said, announcing the charges. In 2012, Li is alleged to have gathered biographical information about an individual associated with the Falun Gong religious movement and passed it back to the MSS within a week of receiving the order.

Meta nukes massive Instagram sextortion network of 63,000 accounts
2024-07-25 16:54

Meta has removed 63,000 Instagram accounts from Nigeria that were involved in sextortion scams, including a coordinated network of 2,500 accounts linked to 20 individuals targeting primarily adult men in the United States. The social media giant said these accounts are linked to an organized cybercrime group called 'Yahoo Boys' that has recently increased its operational volume.

Progress warns of critical RCE bug in Telerik Report Server
2024-07-25 15:46

Progress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that can be used to compromise vulnerable devices. As a server-based reporting platform, Telerik Report Server provides centralized storage for reports and the tools needed to create, deploy, deliver, and manage them across an organization.

French police push PlugX malware self-destruct payload to clean PCs
2024-07-25 15:24

The French police and Europol are pushing out a "Disinfection solution" that automatically removes the PlugX malware from infected devices in France. The operation is conducted by the Center for the Fight Against Digital Crime of the National Gendarmerie with assistance from French cybersecurity firm Sekoia, which sinkholed a command and control server for a widely distributed PlugX variant last April.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
2024-07-25 14:08

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. "APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009," researchers Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, and Michael Barnhart said.

You should probably fix this 5-year-old critical Docker vuln fairly sharpish
2024-07-25 13:46

Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years. By sending a body-less request, an attacker can force the Docker Engine API client to forward that request to an authorization plugin, which may, in error, approve a request that would have been denied if the body content was forwarded to it.

Why Multivendor Cybersecurity Stacks Are Increasingly Obsolete
2024-07-25 13:37

Once upon a time, I.T. security teams depended on hodgepodges of different cybersecurity solutions from various vendors. In a webinar for MSP and SME leaders, Cynet experts will explain how these challenges are driving unprecedented demand for "All-in-One" cybersecurity solutions.