Security News

The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data. Executing the command simulates a Windows update but actually downloads and executes a PowerShell script that collects basic system information about using such commands as "Tasklist" and "Systeminfo".

A new malware known as 'LOBSHOT' distributed using Google ads allows threat actors to stealthily take over infected Windows devices using hVNC. Earlier this year, BleepingComputer and numerous cybersecurity researchers reported a dramatic increase in threat actors utilizing Google ads to distribute malware in search results. In a new report by Elastic Security Labs, researchers revealed that a new remote access trojan named LOBSHOT was being distributed through Google Ads.

The Computer Emergency Response Team of Ukraine has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The email messages come with the subject line "Windows Update" and purportedly contain instructions in the Ukrainian language to run a PowerShell command under the pretext of security updates.

The Computer Emergency Response Team of Ukraine says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks. Instead of legitimate instructions on upgrading Windows systems, the malicious emails advise the recipients to run a PowerShell command.

Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. Microsoft showed interest in Rust several years ago as a way to catch and squash memory safety bugs before the code lands in the hands of users; these kinds of bugs were at the hear of about 70 percent of the CVE-listed security vulnerabilities patched by the Windows maker in its own products since 2006.

Microsoft says Windows 10, version 22H2 will be the last feature update to be released for the Windows 10 operating system.Windows 10 22H2 reached general availability in October 2022 and entered broad deployment on November 18, 2022.

Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users, with the rollout expected to complete by mid-May. The Phone Link app is designed to enable users to connect from their PC to Android and iOS devices via a Wi-Fi connection. "Today, we are excited to announce that Microsoft Phone Link for iOS on Windows 11 is beginning to rollout to our global audience in 39 languages across 85 markets," said Ali Akgun, Corporate Vice President of Software Engineering for Microsoft Devices.

Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority Protection is off by removing the feature's UI from settings. Microsoft acknowledged a known issue causing persistent alerts asking for Windows restarts following a stream of reports mentioning "Local Security Authority protection is off. Your device may be vulnerable." warnings even though LSA Protection was already enabled.

Microsoft has released the optional KB5025297 Preview cumulative update for Windows 10 22H2, with eighteen fixes or changes. The KB5025297 cumulative update preview is part of Microsoft's optional non-security preview updates released on the Tuesday of the fourth week of a month.

Microsoft has released the optional April 2023 non-security cumulative updates for all editions of Windows 11 22H2 with a new option to prioritize non-security and feature Windows updates. After applying today's KB5025305 preview update, you can configure your PC to prioritize installing the latest available updates.