Security News
Threat actors have started distributing fake Windows 11 upgrade installers to users of Windows 10, tricking them into downloading and executing RedLine stealer malware. The timing of the attacks coincides with the moment that Microsoft announced Windows 11's broad deployment phase, so the attackers were well-prepared for this move and waited for the right moment to maximize their operation's success.
Trojan titan TrickBot has added a striking anti-debugging feature that detects security analysis and crashes researcher browsers before its malicious code can be analyzed. The new anti-debugging feature was discovered by Security Intelligence analysts with IBM, who reported the emergence of a variety of TrickBot tactics aimed at making the job of security researcher more difficult, including server-side injection delivery and secure communications with the command-and-control server to keep code protected.
The Apache Software Foundation has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed RCE vulnerability that could be triggered via a specially crafted document. Apache OpenOffice is an open-source office productivity suite that includes a word processor, a spreadsheet tool, a presentation editor, a vector graphics drawing editor, a mathematical formula editor, and a database management program.
Mozilla is rolling out a forced upgrade for Thunderbird 78.x users, getting everyone aboard version 91, the latest stable release that came out in August. If you were sticking with version 78.x thus far, it's likely that you were doing so for reasons of stability and add-on compatibility.
Windows 11 users report a strange upgrade experience where the operating system continues to show the Windows 10 taskbar, while everything else uses the new Windows 11 user interface. After upgrading to Windows 11, some users have reported bizarre [1, 2] results where the new operating system becomes a hybrid of Windows 10 and Windows 11.
Kaspersky has presented the findings of an eight-month probe into the FinFisher spyware toolset - including the discovery of a UEFI "Bootkit" infection method and "Advanced anti-analysis methods" such as "Four-layer obfuscation." The toolkit receives frequent updates to evade detection and add new functionality, with Kaspersky having previously investigated a 2019 update which boosted its spying capabilities to include chat, physical movement, microphone, and camera access, alongside locally stored data capture and exfiltration.
Microsoft will make it easier for Windows 10 users to check if their computer is compatible with Windows 11 by alerting people via Windows Update. When Windows 11 was first announced, it came with new system requirements that will likely require many Windows 10 users to purchase new hardware to upgrade to the new operating system.
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. "A compatibility issue has been found between older versions of риптопроcsp and Windows 10, version 20H1 or Windows 10, version 2004," Microsoft says in a newly published support article.
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. "A compatibility issue has been found between older versions of риптопроcsp and Windows 10, version 20H1 or Windows 10, version 2004," Microsoft says in a newly published support article.
Microsoft has announced that the Edge Vulnerability Research team is experimenting with a new feature dubbed "Super Duper Secure Mode" and designed to bring security improvements without significant performance losses. When enabled, the new Microsoft Edge Super Duper Secure Mode will remove Just-In-Time Compilation from the V8 processing pipeline, reducing the attack surface threat actors can use to hack into Edge users' systems.