Security News

PQShield published a white paper that lays out the quantum threat to secure end-to-end messaging and explains how post-quantum cryptography can be added to the Signal secure messaging protocol to protect it from quantum attacks. The company is offering to license its end-to-end encrypted messaging IP to the Signal Foundation pro bono - if/when they plan to upgrade their system - to support the non-profit behind the free encrypted messaging app, Signal, in its mission to make secure communication accessible to everyone.

The operators of the Hive ransomware-as-a-service scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," Microsoft Threat Intelligence Center said in a report on Tuesday.

Microsoft has released the optional KB5014668 cumulative update previews for Windows 11 with fixes for issues leading to game crashes and failed upgrades to the latest Windows version. This cumulative update is part of Microsoft's scheduled June 2022 monthly "C" updates that enables Windows customers to test upcoming fixes before they're released for all users on July 12th as part of the next Patch Tuesday.

The Gallium group, believed to be a Chinese state-sponsored team, is going on the warpath with an upgraded remote access trojan that threat hunters say is difficult to detect. The backdoor, once in a compromised system, comes in three variants, each of which can communicate with the command-and-control system in one of three protocols: ICMP, HTTPS and raw TCP. All three PingPull variants have the same functionality, but each creates a custom string of code that it sends to the C2 server, which will use the unique string to identify the compromised system.

Today's threat landscape is constantly evolving. Threat actors and tactics are becoming more determined and advanced.

The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. Congestion Control "Will result in significant performance improvements in Tor, as well as increased utilization of our network capacity," say the maintainers of the project.

Hackers are luring unsuspecting users with a fake Windows 11 upgrade that comes with malware that steals browser data and cryptocurrency wallets. The hackers are preying on users that jump at installing Windows 11 without spending the time to learn that the OS needs to meet certain specifications.

Microsoft has removed a compatibility hold blocking Windows 11 upgrades for Windows 10 customers after fixing a known issue leading to problems importing Internet Explorer 11 data into Microsoft Edge. The only customers impacted by the now-fixed known issue were those who didn't import their IE11 information into Microsoft Edge before starting the Windows 11 upgrade process.

Microsoft has added a new safeguard hold blocking Windows 11 upgrades for Windows 10 customers who don't import their Internet Explorer 11 data into Microsoft Edge before trying to install the newest Windows version. "After upgrading to Windows 11, saved information and data from Internet Explorer 11 might not be accessible if you did not accept to import it into Microsoft Edge before the upgrade," Microsoft explained in the Windows health dashboard.

Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gang's AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail.