Security News
Windows 11 users report a strange upgrade experience where the operating system continues to show the Windows 10 taskbar, while everything else uses the new Windows 11 user interface. After upgrading to Windows 11, some users have reported bizarre [1, 2] results where the new operating system becomes a hybrid of Windows 10 and Windows 11.
Kaspersky has presented the findings of an eight-month probe into the FinFisher spyware toolset - including the discovery of a UEFI "Bootkit" infection method and "Advanced anti-analysis methods" such as "Four-layer obfuscation." The toolkit receives frequent updates to evade detection and add new functionality, with Kaspersky having previously investigated a 2019 update which boosted its spying capabilities to include chat, physical movement, microphone, and camera access, alongside locally stored data capture and exfiltration.
Microsoft will make it easier for Windows 10 users to check if their computer is compatible with Windows 11 by alerting people via Windows Update. When Windows 11 was first announced, it came with new system requirements that will likely require many Windows 10 users to purchase new hardware to upgrade to the new operating system.
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. "A compatibility issue has been found between older versions of риптопроcsp and Windows 10, version 20H1 or Windows 10, version 2004," Microsoft says in a newly published support article.
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. "A compatibility issue has been found between older versions of риптопроcsp and Windows 10, version 20H1 or Windows 10, version 2004," Microsoft says in a newly published support article.
Microsoft has announced that the Edge Vulnerability Research team is experimenting with a new feature dubbed "Super Duper Secure Mode" and designed to bring security improvements without significant performance losses. When enabled, the new Microsoft Edge Super Duper Secure Mode will remove Just-In-Time Compilation from the V8 processing pipeline, reducing the attack surface threat actors can use to hack into Edge users' systems.
Chinese web giant Tencent has suspended new signups to its WeChat messaging service. A notification posted yesterday to the WeChat account on Sina Weibo, China's Twitter analogue, said the reason for the suspension is a security upgrade.
The Dicentis system server from Bosch has become very popular since its launch in 2019, with more than 60% of Dicentis Conference System installations now including the device. This solution has now been upgraded with new hardware from HP and an enhanced operating system.
Datto reintroduced its Virtual SIRIS data protection software. Delivered as a virtual appliance, this software-only version of the Datto SIRIS solution provides MSPs with the flexibility to meet the diverse data protection requirements of their small and medium business clients with fully integrated software running on their own hardware.
New upgrades have been made to a Python-based "Self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control communications and the addition of new exploits for spreading, most notably vulnerabilities in VMWare vSphere, SCO OpenServer, Vesta Control Panel and SMB-based exploits that were not present in the earlier iterations of the code," researchers from Cisco Talos said in a deep-dive published today.