Updated on 2022-09-30 In an ongoing cyberespionage campaign, the hacking group Witchetty has been found targeting two governments in the Middle East and a stock exchange in Africa. It is believed that Witchetty has close ties with the state-backed Chinese threat actor APT10, aka Cicada, and is also a part of the TA410 operatives. Read …

Updated on 2022-09-30 Zero-day remote code execution vulnerabilities in Microsoft Exchange servers are being actively exploited, according to researchers from GTSC. The flaws can be chained to deploy web shells on vulnerable servers. The GTSC researchers notified Microsoft of the vulnerabilities three weeks ago via the Zero Day Initiative, which has given them identifiers: ZDI-CAN-18333 …

Updated on 2022-09-30 Mandiant discovered new espionage-related malware families—VIRTUALPITA and VIRTUALPIE—targeting VMware ESXi, Windows virtual machines, and Linux vCenter servers— to gain persistent administrative access. Read more: Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors Overview Mandiant discovered a new persistence technique used against VMWare ESXi systems where threat actors gained access …

Updated on 2022-09-30 ZINC, a North Korean government hacking group and an affiliate of Lazarus, has been found weaponizing several open source software, including KiTTY, PuTTY, TightVNC, muPDF/Subliminal Recording, and Sumatra PDF Reader with custom malware capable of espionage, financial gain, data theft, and network destruction. Read more: North Korean Gov Hackers Caught Rigging Legit …

More on that in a minute — but first, the subject at hand today: thoughtful Pixel features that’ll enhance your life and help you out in some significant ways. Ready? A way to “listen” to something in silence Picture this: You’re sitting somewhere relatively quiet — a place where only a barbarian would be boorish …

Google wants to change the way you search Google just rolled out its vision for the future of search, and it’s all about making it easier to find what you need. For years, mastering search has meant learning the rules — knowing how to structure a query to get the results you want. As The …

Here are some super-handy and all-too-easy-to-overlook ways to do that on your favorite Pixel phone: A personal transcription genie If you ever have something you need to transcribe — a lecture, an interview, an important conversation, you name it — stop screwing around with old-fashioned and overly expensive solutions and just let your Pixel do …

Microsoft Bookings is part of Microsoft 365 suite of products. It is currently available on the Web, as a Teams App and also as Mobile Apps on Google Play store and Apple App store. We will be retiring the Mobile Apps for Android and IOS on December 1, 2022 and we will be investing our …

As recently announced, Microsoft Office is shipping a new feature that enables PDFs created from Office using Export to PDF to inherit the source document’s labels or encryption. Some VBA add-ins may need to be updated to avoid issues when post-processing an encrypted PDF. With this rollout, we are introducing a temporary mitigation to allow …

A common request from Exchange Online admins is for the ability to customize the message expiration timeout interval for messages sent by users in their organization. When a message in Exchange Online can’t be delivered or sent due to a temporary error, the message is queued for subsequent retries until either the message is delivered …

Microsoft Bookings is part of the Microsoft 365 Suite of products and is available through most commercial SKUs. It is available on the Web. The new version of Bookings was launched last year and is the default experience for all new users. This version introduces many new features. Currently, users have the option to switch …

Updated on 2022-09-30 Researchers from Lumen’s Black Lotus Labs “recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux.” Dubbed Chaos, the malware uses infected devices for cryptomining and launching distributed denial-of-service (DDoS) attacks. Note While Chaos appears to have roots in the Kanji malware, it is considerably more advanced. This …

Updated on 2022-09-29 The US Internal Revenue Service issued an alert this week warning about a “significant increase” in IRS-themed texting scams aimed at stealing personal and financial information. Read more: IRS reports significant increase in texting scams; warns taxpayers to remain vigilant So far in 2022, the IRS has identified and reported thousands of …

Updated on 2022-09-29: FastCompany hacked News media outlet FastCompany said that a threat actor hacked its CMS on Tuesday and sent out obscene and racist push notifications to its customers through its Apple News account, which was connected to the CMS backend. Fast Company’s Apple News account was hacked on Tuesday evening. Two obscene and …

Live streaming service Twitch dealt with a major bot attack this week and was forced to block logins from exotic browsers to prevent a threat actor from mass-creating new accounts to be used in future hate raids. According to a developer who creates Twitch-centered software, more than 4 million new accounts were created over the …