Security News

The feature update can be installed via Windows Update by going to Settings > Update & Security > Windows Update and clicking the "Check for updates" button. Customers using devices running Windows 10 20H2 or newer will have a fast installation experience as the Windows 10 2022 will install like a monthly update.

While the use of text messaging goes a long way toward protecting an organization against cyber criminals who attempt to use stolen passwords as a way of gaining access to accounts, text messaging-based MFA has vulnerabilities of its own. Risk of text message use in multi-factor authentication.

Microsoft has issued an out-of-band non-security update to address an issue triggering SSL/TLS handshake failures on client and server platforms. "We address an issue that might affect some types of Secure Sockets Layer and Transport Layer Security connections. These connections might have handshake failures," Microsoft explains.

A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. UEFI bootkits are planted in the system firmware and are invisible to security software running within the operating system because the malware loads in the initial stage of the booting sequence.

A free unofficial patch has been released through the 0patch platform to address an actively exploited zero-day flaw in the Windows Mark of the Web security mechanism. Windows automatically adds MotW flags to all documents and executables downloaded from untrusted sources, including files extracted from downloaded ZIP archives, using a special 'Zone.Id' alternate data stream.

Details have emerged about a now-patched security flaw in Windows Common Log File System that could be exploited by an attacker to gain elevated permissions on compromised machines. "The cause of the vulnerability is due to the lack of a strict bounds check on the field cbSymbolZone in the Base Record Header for the base log file in CLFS.sys," the cybersecurity firm said in a root cause analysis shared with The Hacker News.

The downloaded malicious files contained JavaScript that initiated an intricate infection with the file-encrypting malware. A report from HP's threat intelligence team notes that Magniber ransomware operators demanded payment of up to $2,500 for home users to receive a decryption tool and recover their files.

New Alchimist attack framework hits Windows, Linux and Mac. During initialization, all its content is placed in hard coded folders, namely /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its payloads for Windows and Linux operating systems.

A previously undocumented command-and-control framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode execution, and run arbitrary commands," Cisco Talos said in a report shared with The Hacker News.

Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems. Alchimist offers a web-based interface using the Simplified Chinese language, and it's very similar to Manjusaka, a recently-emerged post-exploitation attack framework growing popular among Chinese hackers.