Security News

Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. "The malware is dropped from applications that are popular, but don't have an actual desktop version, such as Google Translate, keeping the malware versions in demand and exclusive," Check Point malware analyst Moshe Marelus wrote in a report Monday.

A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries. According to a report by Check Point, the malware is created by a developer named 'Nitrokod,' which at first look appears to be clean of malware and provides the advertised functionality.

Microsoft has released the optional KB5016691 Preview cumulative update for Windows 11 with 22 fixes or improvements. This Windows 11 cumulative update is part of Microsoft's August 2022 monthly "C" update, allowing users to test upcoming fixes coming in the September 2022 Patch Tuesday.

Microsoft has discovered a new malware used by the Russian hacker group APT29 that enables authentication as anyone in a compromised network. Dubbed 'MagicWeb', the new malicious tool is an evolution of 'FoggyWeb', which allowed hackers to exfiltrate the configuration database of compromised Active Directory Federation Services servers, decrypt token-signing and token-decryption certificates, and fetch additional payloads from the command and control server.

Microsoft has finally made Windows Terminal the default terminal in Windows 11 Insider 'Dev' preview builds, bringing a new modern interface for all your command-line programs. In both Windows 10 Insider builds and Windows 11, Microsoft has already integrated support for Windows Terminal into the operating system, letting you select it as your default console terminal.

VMware has admitted an update on some versions of its Carbon Black endpoint solution is responsible for BSODs and boot loops on Windows machines after multiple organizations were affected by the problem. The problem surfaced yesterday, with threat hunter Tim Geschwindt stating on Twitter he knew of about 50 organizations struggling with the issue, and saying the Carbon Black endpoint solution was "Causing blue screens of death for devices running sensor version 3.7.0.1253".

Windows servers and workstations at dozens of organizations started to crash earlier today because of an issue caused by certain versions of VMware's Carbon Black endpoint security solution. The root of the problem is a ruleset deployed today to Carbon Black Cloud Sensor 3.6.0.1979 - 3.8.0.398 that causes devices to crash and show a blue screen at startup, denying access to them.

Microsoft has described a severe ChromeOS security vulnerability that one of its researchers reported to Google in late April. Microsoft's write-up is noteworthy both for the severity of the bug and for flipping of the script - it has tended to be Google, particularly its Project Zero group, that calls attention to bugs in Microsoft software.

Microsoft PowerToys is getting a new utility called PowerOCR that lets you select text in an image and copy it directly to the Windows clipboard. The new PowerToy is being developed by Windows app/utility developer Joseph Finney who opened a 'pull request' on July 4th announcing the new PowerOCR program he was creating.

Microsoft PowerToys is getting a new utility called PowerOCR that lets you select text in an image and copy it directly to the Windows clipboard. The new PowerToy is being developed by Windows app/utility developer Joseph Finney who opened a 'pull request' on July 4th announcing the new PowerOCR program he was creating.