Security News

Microsoft is now blocking the Windows 11 22H2 update from being offered because of compatibility issues affecting Windows devices with printers using Microsoft IPP Class Driver or Universal Print Class Driver. "Windows needs connectivity to the printer to identify all the features of the printer. Without connectivity, the printer is set up with default settings and in some scenarios might not get updated once connectivity to the printer is restored," Microsoft explained.

Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. The group is also considered part of the TA410 operatives, previously linked to attacks against U.S. energy providers.

Microsoft has finally re-added a link to the Task Manager to the taskbar's contextual menu in the latest Windows 11 Insider preview build. "Based on your feedback, we've added a link to Task Manager when right-clicking on the taskbar," Microsoft's Amanda Langowski and Brandon LeBlanc said.

Quantum Builder lets attackers to create malicious Microsoft Windows LNK shortcuts. Quantum Builder has been linked to the advanced persistent threat gang Lazarus Group, based on shared tactics, techniques, and procedures and overlaps in source code, but they can't with any confidence attribute the current campaign to Lazarus or any particular threat group.

A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. Even though it mainly propagates by attacking devices unpatched against various security vulnerabilities and SSH brute-forcing, Chaos will also use stolen SSH keys to hijack more devices.

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks," researchers from Lumen's Black Lotus Labs said in a write-up shared with The Hacker News.

In order to understand how a pass-the-hash attack works, you must first understand how password hashes are used. When you log into the system, the authentication engine uses the same mathematical formula to compute a hash for the password that you entered and compares it to the stored hash.

In the latest version of Windows 11, Microsoft is introducing a feature in its Microsoft Defender SmartScreen tool designed to keep passwords safer. The enhanced phishing protection automatically detects when a user types their password into an app or website and knows immediately whether the app or site has a secure connection to a trusted website.

Microsoft is now blocking the Windows 11 22H2 update from being offered on some systems with Intel Smart Sound Technology audio drivers. "Intel and Microsoft have found incompatibility issues with certain versions of drivers for Intel Smart Sound Technology on Intel 11th Gen Core processors and Windows 11," Microsoft said in a Windows Health dashboard update.

As it rolled out a laundry list of features in the latest version of Windows 11, namely version 22H2, this month, Microsoft has also detailed some of the added security mechanisms. Included among the features is Kernel Mode Hardware Enforced Stack Protection, with Rick Munck, cloud security solution architect at Microsoft, stressing its dependency on hypervisor-protected code integrity.