Security News
Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues. KB5032189 is a mandatory Windows 10 cumulative update containing the November 2023 Patch Tuesday security updates.
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit...
Windows 11 23H2 is now out and it comes with tons of new features. Despite promising features like easily switching to dark mode, the AI integration feels more like a web wrapper than a native feature of Windows 11.
Microsoft has released the optional KB5031455 Preview cumulative update for Windows 11 22H2, which enables 72 new Moment 4 features by default and fixes 22 issues. The KB5031455 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, released in the fourth week of every month.
Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon. The KB5031445 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule; these updates are typically released on the fourth Tuesday of every month.
The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious Lua backdoor implant.
According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems. When it released the buggy cumulative updates, the company revised the support document for KB5031364, including and removing a known issue related to VMware ESXi, describing boot issues encountered by guest VMs operating Windows Server 2022 with Secure Boot enabled.
ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish "Malware delivery via fake browser updates" campaigns, Sekoia researchers have concluded. Subsequently downloaded payloads create an iframe element to host the fake update interface, download that interface, and the fake update content and HTML page.
Microsoft has resolved a known issue that caused Windows 10 security updates released during this month's Patch Tuesday to fail with 0x8007000d errors. For systems impacted by this issue, specifically Windows 10 21H2 and Windows 10 22H2, the KB5031356 security update would fail despite displaying initial progress during deployment.
This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts. Starting in late August and into September 2023, there has been an elevated number of reports about compromised Steamworks accounts and the attackers uploading malicious builds that infect players with malware.