Microsoft: Israeli firm used Windows zero-days to deploy spyware
Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/microsoft-israeli-firm-used-windows-zero-days-to-deploy-spyware/
Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/microsoft-israeli-firm-used-windows-zero-days-to-deploy-spyware/
BleepingComputer
Microsoft: Israeli firm used Windows zero-days to deploy spyware
Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities.
Microsoft's print nightmare continues with malicious driver packages
Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-print-nightmare-continues-with-malicious-driver-packages/
Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-print-nightmare-continues-with-malicious-driver-packages/
BleepingComputer
Windows print nightmare continues with malicious driver packages
Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers.
Microsoft unveils Windows 11's beautiful new context menus
Windows 11 preview build 22000.71 is now live in the Dev Channel of the Windows Insider program and it comes with visual improvements for the context menu and various right-click menus. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-unveils-windows-11s-beautiful-new-context-menus/
Windows 11 preview build 22000.71 is now live in the Dev Channel of the Windows Insider program and it comes with visual improvements for the context menu and various right-click menus. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-unveils-windows-11s-beautiful-new-context-menus/
BleepingComputer
Microsoft unveils Windows 11's beautiful new context menus
Windows 11 preview build 22000.71 is now live in the Dev Channel of the Windows Insider program and it comes with visual improvements for the context menu and various right-click menus.
Windows 10 21H2 has been released for testing, but not for everyone
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-21h2-has-been-released-for-testing-but-not-for-everyone/
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-21h2-has-been-released-for-testing-but-not-for-everyone/
BleepingComputer
Windows 10 21H2 has been released for testing, but not for everyone
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing.
Microsoft shares guidance on new Windows Print Spooler vulnerability
Microsoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/
Microsoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/
BleepingComputer
Microsoft shares guidance on new Windows Print Spooler vulnerability
Microsoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight.
Google patches 8th Chrome zero-day exploited in the wild this year
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/google-patches-8th-chrome-zero-day-exploited-in-the-wild-this-year/
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/google-patches-8th-chrome-zero-day-exploited-in-the-wild-this-year/
BleepingComputer
Google patches 8th Chrome zero-day exploited in the wild this year
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild.
Cloudflare fixes CDN code execution bug affecting 12.7% of all sites
Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making it the second-largest JavaScript CDN. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-fixes-cdn-code-execution-bug-affecting-127-percent-of-all-sites/
Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making it the second-largest JavaScript CDN. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-fixes-cdn-code-execution-bug-affecting-127-percent-of-all-sites/
BleepingComputer
Critical Cloudflare CDN flaw allowed compromise of 12% of all sites
Cloudflare has fixed a critical vulnerability in its free and open-source CDNJS potentially impacting 12.7% of all websites on the internet. CDNJS serves millions of websites with over 4,000 JavaScript and CSS libraries stored publicly on GitHub, making itβ¦
Microsoft Defender for Identity now detects PrintNightmare attacks
Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers' attempts to abuse this critical vulnerability. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-printnightmare-attacks/
Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers' attempts to abuse this critical vulnerability. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-printnightmare-attacks/
BleepingComputer
Microsoft Defender for Identity now detects PrintNightmare attacks
Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers' attempts to abuse this critical vulnerability.
D-Link issues hotfix for hard-coded password router vulnerabilities
D-Link has issued a hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router that can allow attackers to execute arbitrary code on unpatched routers, gain access to sensitive information, or crash the routers after triggering a denial of service state. [...]
https://www.bleepingcomputer.com/news/security/d-link-issues-hotfix-for-hard-coded-password-router-vulnerabilities/
D-Link has issued a hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router that can allow attackers to execute arbitrary code on unpatched routers, gain access to sensitive information, or crash the routers after triggering a denial of service state. [...]
https://www.bleepingcomputer.com/news/security/d-link-issues-hotfix-for-hard-coded-password-router-vulnerabilities/
BleepingComputer
D-Link issues hotfix for hard-coded password router vulnerabilities
D-Link has issued a hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router that can allow attackers to execute arbitrary code on unpatched routers, gain access to sensitive information, or crash the routers afterβ¦
Windows 10 21H2 preview released with new security features
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-21h2-preview-released-with-new-security-features/
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-21h2-preview-released-with-new-security-features/
BleepingComputer
Windows 10 21H2 preview released with new security features
Microsoft has officially announced the Windows 10 21H2 feature update (build 19044.1147) and released the first preview build to Insiders for testing.
US govt offers $10 million reward for tips on nation-state hackers
The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country's business and critical infrastructure sectors. [...]
https://www.bleepingcomputer.com/news/security/us-govt-offers-10-million-reward-for-tips-on-nation-state-hackers/
The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country's business and critical infrastructure sectors. [...]
https://www.bleepingcomputer.com/news/security/us-govt-offers-10-million-reward-for-tips-on-nation-state-hackers/
BleepingComputer
US govt offers $10 million reward for tips on nation-state hackers
The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country's business and critical infrastructure sectors.
The Week in Ransomware - July 16th 2021 - REvil disappears
Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-16th-2021-revil-disappears/
Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-16th-2021-revil-disappears/
BleepingComputer
The Week in Ransomware - July 16th 2021 - REvil disappears
Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia.
Cyberattack on Moldova's Court of Accounts destroyed public audits
βMoldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. [...]
https://www.bleepingcomputer.com/news/security/cyberattack-on-moldovas-court-of-accounts-destroyed-public-audits/
βMoldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. [...]
https://www.bleepingcomputer.com/news/security/cyberattack-on-moldovas-court-of-accounts-destroyed-public-audits/
BleepingComputer
Cyberattack on Moldova's Court of Accounts destroyed public audits
βMoldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed.
Can't download Windows 10 21H2? Here's how to get it
Microsoft released the first preview build of Windows 10 21H2 this week, but it is not being offered to everyone at this time. However, for those who want to test the new build now, a way has been discovered that allows anyone to upgrade to the new feature update. [...]
https://www.bleepingcomputer.com/news/microsoft/cant-download-windows-10-21h2-heres-how-to-get-it/
Microsoft released the first preview build of Windows 10 21H2 this week, but it is not being offered to everyone at this time. However, for those who want to test the new build now, a way has been discovered that allows anyone to upgrade to the new feature update. [...]
https://www.bleepingcomputer.com/news/microsoft/cant-download-windows-10-21h2-heres-how-to-get-it/
BleepingComputer
Can't download Windows 10 21H2? Here's how to get it
Microsoft released the first preview build of Windows 10 21H2 this week, but it is not being offered to everyone at this time. However, for those who want to test the new build now, a way has been discovered that allows anyone to upgrade to the new featureβ¦
Ecuador's state-run CNT telco hit by RansomEXX ransomware
Ecuador's state-run CorporaciΓ³n Nacional de TelecomunicaciΓ³n (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support. [...]
https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/
Ecuador's state-run CorporaciΓ³n Nacional de TelecomunicaciΓ³n (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support. [...]
https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/
BleepingComputer
Ecuador's state-run CNT telco hit by RansomEXX ransomware
Ecuador's state-run CorporaciΓ³n Nacional de TelecomunicaciΓ³n (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal, and customer support.
HelloKitty ransomware is targeting vulnerable SonicWall devices
CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [...]
https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-is-targeting-vulnerable-sonicwall-devices/
CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [...]
https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-is-targeting-vulnerable-sonicwall-devices/
BleepingComputer
HelloKitty ransomware is targeting vulnerable SonicWall devices
CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware.
Windows 11βs subsystem for Android - What we know so far
With Windows 11, Microsoft is planning to integrate Amazon Appstore into Windows 11's Microsoft Store. Here's everything we know so far. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-s-subsystem-for-android-what-we-know-so-far/
With Windows 11, Microsoft is planning to integrate Amazon Appstore into Windows 11's Microsoft Store. Here's everything we know so far. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-s-subsystem-for-android-what-we-know-so-far/
BleepingComputer
Windows 11βs subsystem for Android - What we know so far
With Windows 11, Microsoft is planning to integrate Amazon Appstore into Windows 11's Microsoft Store. Here's everything we know so far.
Comparis customers targeted by scammers after ransomware attack
Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. [...]
https://www.bleepingcomputer.com/news/security/comparis-customers-targeted-by-scammers-after-ransomware-attack/
Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. [...]
https://www.bleepingcomputer.com/news/security/comparis-customers-targeted-by-scammers-after-ransomware-attack/
BleepingComputer
Comparis customers targeted by scammers after ransomware attack
Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week.
Ransomware hits law firm counseling Fortune 500, Global 500 companies
Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/
Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/
BleepingComputer
Ransomware hits law firm counseling Fortune 500, Global 500 companies
Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack.
New Windows print spooler zero day exploitable via remote print servers
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
BleepingComputer
New Windows print spooler zero day exploitable via remote print servers
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature.
Windows 11 features, expected release date, and latest news
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-features-expected-release-date-and-latest-news/
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-features-expected-release-date-and-latest-news/
BleepingComputer
Windows 11 features, expected release date, and latest news
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more.