Microsoft to Force Install New Outlook on Windows 10 PCs in February

Microsoft will force-install the new Outlook on Windows 10 starting in February via a security update. Users who deploy the optional January update will get it first, while others will see it installed with the February update. Classic Outlook will remain intact. The installation cannot be blocked, but users can uninstall the new app afterward. The new Outlook was previewed in May 2022 and is now available for personal and commercial accounts.

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/

GitLab Patch Release: 17.7.1, 17.6.3, 17.5.5

GitLab released patch updates 17.7.1, 17.6.3, and 17.5.5 for Community and Enterprise Editions, containing critical bug and security fixes. Users must upgrade immediately, while GitLab.com is already updated. Notably, new import features enhance user contribution mapping, addressing vulnerabilities discovered via HackerOne. Key security fixes involve access token exposure, DoS issues, and unauthorized status manipulation. Recommended actions include disabling importers temporarily until upgraded and promptly upgrading any affected version. Full details and updates are available in GitLab’s documentation.

Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense

AI revolutionizes cybersecurity by enabling real-time threat detection, proactive defense, and enhanced data protection. It learns from data patterns, identifies potential threats before they manifest, and automates defense mechanisms to combat sophisticated attacks. Despite its advantages, ethical concerns and potential biases must be addressed. Key benefits include efficient incident management, better endpoint security, and continuous adaptation to emerging threats. Integrating AI with human expertise is vital for robust future cyber defense.

Largest US Addiction Treatment Provider Notifies Patients of Data Breach

BayMark Health Services, the largest US addiction treatment provider, notified patients of a data breach where attackers accessed personal and health information from September 24 to October 14, 2024. The breach, linked to the RansomHub ransomware gang, exposed sensitive data for an undisclosed number of patients. BayMark is offering a year of free Equifax identity monitoring to affected individuals.

Banshee: The Stealer That “Stole Code” From MacOS XProtect

Banshee Stealer Overview: Check Point Research monitors Banshee, a macOS malware linked to Russian cyber criminals. The updated version, detected in late September 2024, utilized an encryption algorithm similar to Apple's XProtect for improved evasion tactics. Sold as a 'stealer-as-a-service' at $3,000, Banshee continued operating until its source code leaked in November, leading to its shutdown. Despite this, modified versions persist via phishing websites. The malware targets browser credentials and various cryptocurrency wallets while employing techniques like process forking to avoid detection. The report emphasizes the vulnerability of macOS to such attacks and the need for increased cybersecurity vigilance among users.

Protecting Web-based Work: Connecting People, Web Browsers and Security

Web browsers are essential for modern work but pose security risks as organizations shift to hybrid models. Security measures lag behind, leading to breaches and financial losses. A high percentage of workplaces face browser-based attacks, highlighting the need for advanced security like SASE frameworks and enterprise browsers that mitigate risks from personal devices. Proactive measures, including zero-trust architecture and ongoing employee training, are crucial for safeguarding sensitive data and fostering a resilient cybersecurity posture.

Over 4,000 Backdoors Hijacked by Registering Expired Domains

Over 4,000 backdoors were hijacked via expired domains. Researchers at watchTowr Labs sinkholed communication from compromised systems, preventing further malicious use. They identified numerous infected systems, including government and educational institutions in multiple countries. Control of the hijacked domains was transferred to The Shadowserver Foundation for ongoing monitoring.

SonicWall Urges Admins to Patch Exploitable SSLVPN Bug Immediately

SonicWall advises immediate firmware updates to fix a critical SSLVPN authentication bypass vulnerability (CVE-2024-53704, CVSS 8.2) affecting certain firewall models. Patches are available to prevent exploitation. Additional vulnerabilities noted include weak PRNG in SSL VPN tokens, SSRF in SSH management, and privilege escalation in cloud editions. Users should upgrade to specified SonicOS versions and limit access to mitigate risks.

Telegram Hands over Data on Thousands of Users to US Law Enforcement

Telegram shared data on 2,253 users with U.S. law enforcement following a policy shift, fulfilling 900 requests in 2024, up from only 14 requests before. The change comes after pressure from authorities and the arrest of founder Pavel Durov on cybercrime-related charges. Telegram now cooperates on various crimes beyond terrorism, despite cybercriminals expressing concerns about leaving the platform. An updated transparency report is expected in April 2025.

New PhishWP Plugin Enables Sophisticated Payment Page Scams

The new PhishWP plugin enables the creation of fake payment pages, allowing cybercriminals to steal sensitive data. It mimics trusted services like Stripe, collecting credit card information and OTPs and sending this data to attackers via Telegram. PhishWP can compromise existing WordPress sites or create fraudulent ones, making scams difficult to detect. It features customizable checkouts, data collection capabilities, and real-time data transmission, posing a significant security threat. Experts recommend using advanced phishing protection tools to combat such scams.

Weaponizing OAST: How Malicious Packages Exploit npm, PyPI, …

Malicious packages in npm, PyPI, and RubyGems exploit Out-of-Band Application Security Testing (OAST) techniques for data exfiltration. Threat actors leverage services like oastify.com to stealthily extract sensitive data and probe developer environments. Examples include a spoofed npm package (adobe-dcapi-web) designed to bypass detection, a typosquatted PyPI package (monoliht) for silent metadata collection, and various RubyGems targeting user information via DNS queries. These techniques pose significant risks, emphasizing the need for enhanced security measures in software supply chains.

Breaking Encryption: How to Prepare for Tomorrow’s Quantum Risk Today

Quantum computing threatens current encryption methods, risking sensitive data security. Organizations must prepare now by upgrading encryption to new post-quantum standards. Key steps include assessing exposure, adopting new encryption practices, remaining adaptable to evolving standards, and increasing awareness of quantum risks. This proactive approach helps safeguard data against future quantum capabilities.

AI-generated Phishing Emails Are Getting Very Good at Targeting Executives

AI-generated phishing emails are increasingly targeting corporate executives. Companies like Beazley and eBay report a rise in hyper-personalized scams using personal details gathered via AI analysis. Experts highlight that AI enables hackers to craft convincing phishing emails that bypass security measures. Phishing is the starting point for over 90% of cyberattacks, with the global cost of data breaches rising. AI's role in identifying vulnerabilities enhances the sophistication of these scams, making them more difficult to detect.

Windows 11 BitLocker Encryption Bypassed to Extract Volume Encryption Keys

Researchers have bypassed Windows 11's BitLocker encryption, extracting Full Volume Encryption Keys (FVEKs) from RAM during physical access attacks. This vulnerability arises from capturing memory contents during system operation, allowing key retrieval. Techniques, such as maintaining power to RAM, are used to prevent data loss during attacks. Secure Boot, while protective, has known bypass methods. Key extraction involves creating a bootable USB, restarting the system, and analyzing memory dumps for sensitive data. Despite Microsoft's security measures, residual keys can remain in memory, emphasizing that no encryption is entirely secure against physical access. Users should enhance hardware security and organizations should improve physical access controls.
