Security News

New Raspberry Robin worm uses Windows Installer to drop malware
2022-05-05 21:36

Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. This malware is linked to a cluster of malicious activity dubbed Raspberry Robin and was first observed in September 2021.

Microsoft: Windows 11 KB5012643 update will break some apps
2022-05-04 14:06

Microsoft has warned Windows 11 users that they might experience issues launching and using some. Affected apps use optional components such as Windows Workflow and Windows Communication Foundation.

Using PowerShell to manage password resets in Windows domains
2022-05-04 14:01

You can find the date of the user's most recent password change by examining the PwdLastSet attribute, shown in Figure 1. Only one user's password change date is being shown, but there are any number of ways to tell the Get-ADUser cmdlet to display data for multiple user accounts.

Microsoft fixes Windows 11 bug causing flickers in safe mode
2022-05-02 13:00

Microsoft has addressed a newly acknowledged known issue that caused flickering screen problems and made some Windows apps seem unstable in Safe Mode without Networking. "Devices experiencing this issue can log a System error on the Windows Event Log, with Source 'Winlogon' and the following description: 'The shell stopped unexpectedly and explorer.exe was restarted'," Microsoft explained.

Fake Windows 10 updates infect you with Magniber ransomware
2022-04-30 14:18

Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. While researching the campaign, we discovered a topic in our forums where readers report becoming infected by the Magniber ransomware after installing what is believed to be Windows 10 cumulative or security update.

Why you need secured-core Windows servers
2022-04-29 21:39

That's where secured-core server comes in, using hardware-based security tools to protect your servers right from the moment they start to boot. Secured-core systems need a second generation TPM. The first and most obvious task is using the TPM to ensure the integrity of a server's BIOS and firmware, using pro-loaded signatures.

Windows 11 gets new group policies to tweak the Start Menu
2022-04-29 19:06

Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. "We are introducing new policies so that IT administrators can simplify their Windows 11 experience across Start, taskbar, and the system tray," the Windows Insider team said.

Emotet malware now installs via PowerShell in Windows shortcut files
2022-04-26 21:17

The Emotet botnet is now using Windows shortcut files containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. LNK files is not new, as the Emotet gang previously used them in a combination with Visual Basic Script code to build a command that downloads the payload. However, this is the first time that they utilized Windows shortcuts to directly execute PowerShell commands.

Microsoft fixes Point of Sale bug that delayed Windows 11 startup for 40 minutes
2022-04-26 11:32

The San Diego Supercomputer Center in the US is ditching its lead-acid uninterruptible power supply batteries for more environmentally friendly rechargeables - though it's avoiding lithium-ion, and going with a new form of rechargeable alkaline. Currently, the SDSC relies on a generator and UPS to provide emergency power.

Windows 10 KB5011831 update released with 26 bug fixes, improvements
2022-04-26 01:37

Microsoft has released the optional KB5011831 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 that fixes 26 bugs. This update includes many bug fixes, including those for Microsoft OneDrive, Remote Desktop, News and Interest, Azure Active Directory, and delays in booting Windows 10.