Security News
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'. They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022.
A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access appliances to install custom malware that establishes long-term persistence for cyber espionage campaigns.The deployed malware is customized for SonicWall devices and is used to steal user credentials, provide shell access to the attackers, and even persist through firmware upgrades.
Microsoft has addressed a known issue behind unsupported computers being offered Windows 11 22H2 upgrades and unable to complete the installation process. This has happened before, with Windows 11 22H2 being offered to Windows 11 Insiders in the Release Preview channel with ineligible devices.
Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths. The "Kia Challenge" started circulating in mid-2022 and explained that it's possible to remove the steering column covering on some Hyundai and Kia models by force, exposing a slot that fits a USB-A plug.
Organizations using Microsoft's Defender for Endpoint will now be able to isolate Linux devices from their networks to stop miscreants from remotely connecting to them. Users can get to the device page of the Linux systems through the Microsoft 365 Defender portal, where they will see an "Isolate Device" tab in the upper right among other response actions.
Microsoft has messed up a zero trust upgrade its service provider partners have been asked to implement for customers. The software giant has long given its partners delegated admin privileges that allow them to administer customers' services or subscriptions on their behalf.
From your accounting software to your team chat, running a business today involves connecting to a variety of online apps. This leaves you vulnerable to attacks - unless you're using something like the KeepSolid Private Browser.
Microsoft has fixed a known issue blocking the Windows 11 2022 Update from being offered on systems with printers using Universal Print Class or Microsoft IPP Class drivers because of compatibility issues. In late September, Redmond added a compatibility hold to block Windows 11 22H2 on affected systems because some installed printers might only allow customers to use the default settings with features like color, 2-sided printing, or higher resolutions.
October is Security Awareness Month, an exciting time as organizations around the world train people how to be cyber secure, both at work and at home. Security awareness goes by many other names, depending on the organization: security influence, culture, engagement, training, education, etc.
China appears to have upgraded its Great Firewall, the instrument of pervasive real-time censorship it uses to ensure that ideas its government doesn't like don't reach China's citizens. Great Firewall Report, an organization that monitors and reports on China's censorship efforts, has this week posted a pair of assessments indicating a crackdown on TLS encryption-based tools used to evade the Firewall.