Security News

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing. Unauthenticated attackers can exploit this bug in low-complexity attacks.

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?

A new Python-based malware has been spotted in the wild featuring remote access trojan capabilities to give its operators control over the breached systems. The PY#RATION malware is distributed via a phishing campaign that uses password-protected ZIP file attachments containing two shortcut.

Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch. The newly acknowledged issue affects only client platforms, including Windows 10 20H2, 21H2, and 22H2, and Windows 11, version 22H2. "The Start menu, Windows search, and Universal Windows Platform apps might not work as expected or might have issues opening," Redmond said.

Microsoft's move last year to block macros by default in Office applications is forcing miscreants to find other tools with which to launch cyberattacks, including the software vendor's LNK files - the shortcuts Windows uses to point to other files. The files are also helping criminals gain initial access into victims' systems before running such threats as the Qakbot backdoor malware, malware loader Bumblebee, and IcedID, a malware dropper, according to the Talos researchers.

Microsoft has released the optional KB5019275 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2, with fourteen fixes and improvements. The KB5019275 cumulative update preview is part of Microsoft's January 2023 monthly "C" update, allowing admins to test upcoming fixes released in the February 2023 Patch Tuesday.

Microsoft released a new version of Notepad for Windows 11 on Thursday that will allow Windows Insiders in the Dev channel to use multiple tabs. [...]

Microsoft is investigating an issue causing the Windows taskbar and Start Menu to become unresponsive and triggering Outlook and Teams login problems. Windows admins have told BleepingComputer that their users have been reporting issues not seeing the Windows Start Menu when clicking, not being able to launch modern apps, and that the Windows Search feature is broken.

Microsoft has acknowledged a new bug affecting some Windows 11 applications triggering launch issues and causing them to display errors after a system restore. The company said that "After running a System Restore to a previous restore point on a device that is running Windows 11, version 22H2, some Windows applications that use the MSIX Windows app package format may experience" various instability problems, including failures to launch, freezes, and crashes.

Microsoft wants to bulk up the security in Windows Pro editions by ensuring the SMB insecure guest authentication fallbacks are no longer the default setting in the operating system. The move, which is included in the Windows 11 Insider Preview Build 25276 released this month, means that systems with Windows 10 version 1709 or later and Windows Server 2019, SMB2, and SMB3 will no longer allow by default guest account access to a remote server or for those who provide invalid credentials to fall back to the guest account.