Security News

Apple has removed 25 virtual private network apps from the Russian App Store at the request of Roskomnadzor, Russia's telecommunications watchdog. Roskomnadzor confirmed to Interfax that the order targets multiple apps used to gain access to content tagged as illegal in Russia.

Microsoft has finally released a spell check and autocorrect feature in Notepad for all Windows 11 users, forty-one years after the program was introduced in 1983. [...]

TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, and has confirmed that it was limited to their internal corporate IT environment. "Neither our separated product environment, nor the connectivity platform, nor any customer data has been touched," the company says.

A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks. Ghostscript comes pre-installed on many Linux distributions and is used by various document conversion software, including ImageMagick, LibreOffice, GIMP, Inkscape, Scribus, and the CUPS printing system.

A previously undocumented advanced persistent threat group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control and data exfiltration. "It's a sophisticated cyber espionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure," the Russian security vendor said.

A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks. [...]

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material, indicating how such information could be used to combat serious crimes. Distributed via phishing, spam campaigns, cracked software, fake update websites, SEO poisoning, and malvertising, data harvested using such programs typically find their way onto the dark web in the form of stealer logs from where they are purchased by other cybercriminals to further their schemes.

Industrial cyber security in APAC is still lagging behind enterprises, but having some basic hygiene and a plan in place is "Light years" better than nothing, according to director of incident response at operational technology cyber security firm Dragos Lesley Carhart. Dragos has seen organisations implementing incident response plans and security monitoring; this puts them "Light years ahead" of those with no plan and no retainers or team for cyber security, but Carhart said they need to test assumptions to do tactical things behind strategy.

Another Microsoft certificate has expired, leaving SwiftKey users that are seeking support faced with an alarming certificate error. One such user contacted The Register after heading into the app's settings to find the support page.

Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. [...]