Windows 11: Microsoft is investigating these eight problems

Windows 11 is officially released, and users are running into various issues and problems preventing them from upgrading or using the new operating system correctly. Below we have collected eight known issues affecting Windows 11 and when they are expected to be fixed. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-microsoft-is-investigating-these-eight-problems/

Microsoft adds tamper protection to Windows 11 security baseline

Microsoft has released the final version of its security configuration baseline settings for Windows 11, downloadable today using the Microsoft Security Compliance Toolkit. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-tamper-protection-to-windows-11-security-baseline/

Bank of America insider charged with money laundering for BEC scams

The U.S. District Court for the Eastern District of Virginia has charged three men with money laundering and aggravated identity theft after allegedly conducting a business email compromise (BEC) scheme. [...]

https://www.bleepingcomputer.com/news/security/bank-of-america-insider-charged-with-money-laundering-for-bec-scams/

Amnesty International links cybersecurity firm to spyware operation

A report by Amnesty International links an Indian cybersecurity company to an Android spyware program used to target prominent activists.  [...]

https://www.bleepingcomputer.com/news/security/amnesty-international-links-cybersecurity-firm-to-spyware-operation/

FontOnLake malware infects Linux systems via trojanized utilities

A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...]

https://www.bleepingcomputer.com/news/security/fontonlake-malware-infects-linux-systems-via-trojanized-utilities/

Customize your Windows 11 experience with these free apps

Windows 11 is now available for devices with supported hardware features. If you've already upgraded to Windows 11 and you're looking for some great apps for your Windows 11 device, here's a list of the interesting open-source and free apps currently available in the marketplace. [...]

https://www.bleepingcomputer.com/news/microsoft/customize-your-windows-11-experience-with-these-free-apps/

Windows 11 incompatible with apps using non-ASCII registry keys

Microsoft is blocking Windows 11 upgrades if customers use applications that create registry keys using some non-ASCII characters. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-incompatible-with-apps-using-non-ascii-registry-keys/

Pacific City Bank discloses ransomware attack claimed by AvosLocker

Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. [...]

https://www.bleepingcomputer.com/news/security/pacific-city-bank-discloses-ransomware-attack-claimed-by-avoslocker/

Nuclear engineer's espionage plans unraveled by undercover FBI agent

A Navy nuclear engineer and his wife were arrested under espionage-related charges alleging violations of the Atomic Energy Act after selling restricted nuclear-powered warship design data to a person they believed was a foreign power agent. [...]

https://www.bleepingcomputer.com/news/security/nuclear-engineers-espionage-plans-unraveled-by-undercover-fbi-agent/

Microsoft Defender for Identity to detect Windows Bronze Bit attacks

Microsoft is working on adding support for Bronze Bit attacks detection to Microsoft Defender for Identity to make it easier for Security Operations teams to detect attempts to abuse a Windows Kerberos bug tracked as CVE-2020-17049. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-identity-to-detect-windows-bronze-bit-attacks/

Ukrainian police arrest DDoS operator controlling 100,000 bots

Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. [...]

https://www.bleepingcomputer.com/news/security/ukrainian-police-arrest-ddos-operator-controlling-100-000-bots/

Huawei Cloud targeted by updated cryptomining malware

A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...]

https://www.bleepingcomputer.com/news/security/huawei-cloud-targeted-by-updated-cryptomining-malware/

Microsoft: Iran-linked hackers target US defense tech companies

Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-iran-linked-hackers-target-us-defense-tech-companies/

LibreOffice, OpenOffice bug allows hackers to spoof signed docs

LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source.  [...]

https://www.bleepingcomputer.com/news/security/libreoffice-openoffice-bug-allows-hackers-to-spoof-signed-docs/

Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks

Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. [...]

https://www.bleepingcomputer.com/news/security/emergency-apple-ios-1502-update-fixes-zero-day-used-in-attacks/

GitHub revokes duplicate SSH auth keys linked to library bug

GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. [...]

https://www.bleepingcomputer.com/news/security/github-revokes-duplicate-ssh-auth-keys-linked-to-library-bug/

Brother printers may not work in Windows 11 if connected via USB

Brother is warning that many of their printers may no longer work or display errors when using a USB connection in Windows 11. [...]

https://www.bleepingcomputer.com/news/microsoft/brother-printers-may-not-work-in-windows-11-if-connected-via-usb/

NSA warns of wildcard certificate risks, provides mitigations

The U.S. National Security Agency (NSA) is warning of the dangers stemming from the use of broadly-scoped certificates to authenticate multiple servers in an organization. These include a recently disclosed ALPACA technique that could be used for various traffic redirect attacks. [...]

https://www.bleepingcomputer.com/news/security/nsa-warns-of-wildcard-certificate-risks-provides-mitigations/

Photo editor Android app STILL sitting on Google Play store is malware

An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information. The app has scored over 5K installs, with similar spyware apps having 500K+ installs. [...]

https://www.bleepingcomputer.com/news/security/photo-editor-android-app-still-sitting-on-google-play-store-is-malware/

Microsoft: Azure customer hit by record DDoS attack in August

Microsoft has mitigated a record 2.4 Tbps (terabytes per second) Distributed Denial-of-Service (DDoS) attack targeting an European Azure customer during the last week of August. [...]

https://www.bleepingcomputer.com/news/security/microsoft-azure-customer-hit-by-record-ddos-attack-in-august/

Olympus US systems hit by cyberattack over the weekend

Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada and Latin America) following a cyberattack that hit its network Sunday, on October 10, 2021. [...]

https://www.bleepingcomputer.com/news/security/olympus-us-systems-hit-by-cyberattack-over-the-weekend/