Ransomware gang deploys new malware to kill security software

RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security […]

Microsoft disables BitLocker security fix, advises manual mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can let attackers bypass the BitLocker Device Encryption feature and access encrypted data with physical access to the […]

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. Found by Kunlun Lab’s XiaoWei and tracked as CVE-2024-38063, this security bug is caused by an Integer Underflow weakness, which attackers could exploit […]

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42 […]

NIST releases first encryption tools to resist quantum computing

The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards designed to resist future cyberattacks based on quantum computing technology. The agency encourages system administrators to start the transition to the new algorithms as soon as possible, since timely adoption is paramount for protecting sensitive information from attackers with a […]

Microsoft retires Windows updates causing 0x80070643 errors

Microsoft has retired several Windows security updates released during the January 2024 Patch Tuesday that have been causing 0x80070643 errors when installing Windows Recovery Environment (WinRE) updates. Redmond first acknowledged this known issue in January, days after widespread reports from Windows users of 0x80070643 errors. The company released the problematic KB5034441 (Windows 10 21H2/22H2), KB5034440 […]

AutoCanada discloses cyberattack impacting internal IT systems

Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group’s internal IT systems, which may lead to disruptions. The company says that it took action immediately after detecting the incident to protect its network and data. External cybersecurity experts have been contracted to help with containment and remediation efforts. The investigation […]