Security News

Microsoft is testing a new "Automatic Super Resolution" AI-assisted upscaling feature that increases the video and image quality of supported games while also making them run more smoothly. As first discovered by Windows sleuth PhantomOfEarth, Microsoft is now testing an Automatic Super Resolution feature as part of its first preview of Windows 11 24H2 in the Canary and Dev channels.

Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular VPN solution used by organizations worldwide. The chaining of the two vulnerabilities allow any attacker to execute remote code without any authentication and compromise affected systems.

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. The attacks employ documents sent to targets that embed links masqueraded as "View document" buttons that take victims to phishing pages.

Dutch health insurers are reportedly forcing breast cancer patients to submit photos of their breasts prior to reconstructive surgery despite a government ban on precisely that. Some insurers don't use secure websites and/or other means of electronic communications to transfer these very sensitive photos, according to the Netherlands public broadcaster NOS. Patients reported that their insurance companies have lost their photos, and denied their requests for reconstructive surgeries following a breast-cancer diagnosis.

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting attacks. The security flaw is a persistent cross-site scripting bug that lets attackers access restricted information via plain/text messages maliciously crafted links in low-complexity attacks requiring user interaction.

Fortinet has patched critical remote code execution vulnerabilities in FortiOS, one of which is "Potentially" being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities catalog, though details about the attacks are still undisclosed.

As the FCC planned, the new rule also eliminates the mandatory seven-day waiting period for reporting break-ins to consumers. "Without an FCC rule requiring breach notifications for the above categories of PII, there would be no requirement in Federal law that telecommunications carriers report non-CPNI breaches to their customers," the FCC said of the new rule.

Willis Lease Finance Corporation admitted that some internal processes have required workarounds to be developed so that it can continue to operate and service customers, without providing any specifics about what those workarounds entail.As is often the case with early-stage ransomware disclosures, the company appears to be reluctant to mention "Ransomware" or even "Attack" in its wording.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Hackers are exploiting a server-side request forgery vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The flaw impacts the SAML component of the mentioned products and allows attackers to bypass authentication and access restricted resources on Ivanti gateways running versions 9.x and 22.x. The updates that fix the problem are Ivanti Connect Secure versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2, 22.5R1.1 and 22.5R2.2, Ivanti Policy Secure version 22.5R1.1, and ZTA version 22.6R1.3.