Security News

A scarily realistic-looking Google Search YouTube advertisement is redirecting visitors to tech support scams pretending to be security alerts from Windows Defender. Today, cybersecurity firm Malwarebytes disclosed that they discovered a "Major" malvertising campaign abusing Google ads.

Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language. Luna, as it's called, is "Fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption.

A new ransomware family dubbed Luna can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems.Discovered by Kaspersky security researchers via a dark web ransomware forum ad spotted by the company's Darknet Threat Intelligence active monitoring system, Luna ransomware appears to be specifically tailored to be used only by Russian-speaking threat actors.

Microsoft recommends configuring the password history to remember the last 24 passwords. Unless an organization enforces a password history requirement, a user could skirt the rules by changing their password and then immediately changing back to their original password.

Complaints over Microsoft's latest patch Tuesday have intensified after some Windows 11 users found their systems worse for wear following installation. The July 12 patch, KB5015814, was a relatively straightforward one that dealt with a number of what Microsoft delicately termed "Security issues" in its summary.

A Windows 11 vulnerability, part of Microsoft's Patch Tuesday roundup of fixes, is being exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency to advise patching of the elevation of privileges flaw by August 2. The recommendation is directed at federal agencies and concerns CVE-2022-22047, a vulnerability that carries a CVSS score of high and exposes Windows Client Server Runtime Subsystem used in Windows 11 and also Windows Server 2022 to attack.

Trend Micro Research has published an anatomy of a Windows remote code execution vulnerability lurking in the Network File System. The vulnerability in question, CVE-2022-30136, was patched by Microsoft in June but the research makes for interesting reading both in terms of the vulnerability itself and the potential for exploitation.

Windows 8.1 is now displaying full-screen alerts when logging into the operating system, warning that the OS is reaching the end of support in January 2023 and will no longer receive security updates. "January 10, 2023 is the last day Microsoft will offer security updates and technical support for PCs that run Windows 8.1. We are reaching out now to thank you for your loyalty and help you prepare for what's next," reads the Windows 8.1 notification below.

Remote Help relies on Azure Active Directory for that, showing the profile photo, company details, job title, email address and other information from Azure AD, so users know they can trust the person helping them, and IT staff know more about who they're helping, which may be useful for solving their problem. Remote Help uses Endpoint Manager's role-based access controls, so admins can manage permissions to choose who can help which users and what they can do.

CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem to its list of bugs abused in the wild.This high severity security flaw impacts both server and client Windows platforms, including the latest Windows 11 and Windows Server 2022 releases.