Security News

Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber...

Akamai researchers have published a PoC exploit for a critical vulnerability in Windows CryptoAPI, which validates public key certificates. "An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate," Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions.

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing. Unauthenticated attackers can exploit this bug in low-complexity attacks.

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?

A new Python-based malware has been spotted in the wild featuring remote access trojan capabilities to give its operators control over the breached systems. The PY#RATION malware is distributed via a phishing campaign that uses password-protected ZIP file attachments containing two shortcut.

Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch. The newly acknowledged issue affects only client platforms, including Windows 10 20H2, 21H2, and 22H2, and Windows 11, version 22H2. "The Start menu, Windows search, and Universal Windows Platform apps might not work as expected or might have issues opening," Redmond said.

Microsoft's move last year to block macros by default in Office applications is forcing miscreants to find other tools with which to launch cyberattacks, including the software vendor's LNK files - the shortcuts Windows uses to point to other files. The files are also helping criminals gain initial access into victims' systems before running such threats as the Qakbot backdoor malware, malware loader Bumblebee, and IcedID, a malware dropper, according to the Talos researchers.

Microsoft has released the optional KB5019275 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2, with fourteen fixes and improvements. The KB5019275 cumulative update preview is part of Microsoft's January 2023 monthly "C" update, allowing admins to test upcoming fixes released in the February 2023 Patch Tuesday.

Microsoft released a new version of Notepad for Windows 11 on Thursday that will allow Windows Insiders in the Dev channel to use multiple tabs. [...]

Microsoft is investigating an issue causing the Windows taskbar and Start Menu to become unresponsive and triggering Outlook and Teams login problems. Windows admins have told BleepingComputer that their users have been reporting issues not seeing the Windows Start Menu when clicking, not being able to launch modern apps, and that the Windows Search feature is broken.