@www.helpnetsecurity.com
Russian hackers have found a way to bypass Gmail's multi-factor authentication (MFA) to conduct targeted attacks against academics and critics engaged in discussions about Russia. According to Google Threat Intelligence Group (GTIG), the hackers are using stolen app passwords obtained through sophisticated and personalized social engineering attacks. These attacks involve posing as U.S. Department of State officials to build rapport with targets, eventually convincing them to create and share app-specific passwords.
App passwords are 16-digit codes that Google generates to allow certain apps or devices to access a Google Account, bypassing the usual second verification step of MFA. While useful for older or less secure apps that can't handle MFA, app passwords lack that extra layer of security, making them vulnerable to theft or phishing.
In one instance, the attackers, tracked as UNC6293 and believed to be state-sponsored, contacted a target under the guise of a State Department representative and invited them to a consultation in a private online conversation, lending further credibility by CCing four @state.gov accounts. The campaign, which took place between April and early June, involved meticulously crafted phishing messages that didn't rush the target into immediate action. Instead, the hackers focused on building trust through personalized emails and invitations to private conversations, using spoofed '@state.gov' addresses in the CC field to build credibility. Keir Giles, a prominent British researcher on Russia, was one such target. Google's researchers uncovered the slow-paced approach the attackers used to build rapport with their victims, often sending them personalized emails and inviting them to private conversations or meetings.
@borncity.com
Microsoft has confirmed that the May 2025 security updates for Windows 10 and Windows 11 are triggering BitLocker recovery issues on some systems. Specifically, cumulative update KB5058379, released on May 13, 2025, for Windows 10 22H2, is causing the operating system to request the BitLocker recovery key upon boot. In some instances, affected systems are hanging, effectively locking users out of their devices. The problem appears to extend to Windows 11 as well, with reports indicating similar BitLocker recovery prompts after installing the update.
Microsoft has acknowledged the issue and posted a support article in the Windows Release Health dashboard of Windows Server 10 22H2. The company stated that after installing KB5058379, Windows 10 22H2 might repeatedly display the BitLocker recovery screen at startup. The issue is particularly prevalent on devices with Intel Trusted Execution Technology (TXT) enabled on Intel vPro processors of the 10th generation or later. Microsoft has identified that the update can cause lsass.exe to terminate unexpectedly, triggering an automatic repair and subsequently prompting for the BitLocker recovery key.
The BitLocker recovery issue is causing widespread disruption, especially for businesses, with IT departments reporting numerous devices simultaneously stuck at the recovery prompt. While BitLocker typically requests the recovery key only after significant hardware or firmware changes, KB5058379 is triggering the prompt unexpectedly, even when no such changes have occurred. In addition to the BitLocker prompts, some users are reporting Blue Screens of Death (BSOD) during or immediately after the update process. While Microsoft works on a fix, IT professionals have found that disabling Intel Trusted Execution Technology (TXT) in the BIOS allows the update to complete without triggering the BitLocker prompt.