Critical Microsoft Hyper-V bug could haunt orgs for a long time

Technical details are now available for a vulnerability that affects Hyper-V, Microsoft's native hypervisor for creating virtual machines on Windows systems and in Azure cloud computing environment. [...]

https://www.bleepingcomputer.com/news/security/critical-microsoft-hyper-v-bug-could-haunt-orgs-for-a-long-time/

Google: Android apps must provide privacy information by April 2022

Google has announced today more details regarding their upcoming Google Play 'Safety section' feature that provides users information about the data collected and used by an Android app. [...]

https://www.bleepingcomputer.com/news/google/google-android-apps-must-provide-privacy-information-by-april-2022/

Google Play Protect fails Android security tests once more

Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against. [...]

https://www.bleepingcomputer.com/news/security/google-play-protect-fails-android-security-tests-once-more/

Biden: Severe cyberattacks could escalate to 'real shooting war'

President Joe Biden warned that cyberattacks leading to severe security breaches could lead to a "real shooting war" with another major world power. [...]

https://www.bleepingcomputer.com/news/security/biden-severe-cyberattacks-could-escalate-to-real-shooting-war/

New US security memorandum bolsters critical infrastructure cybersecurity

US President Joe Biden today issued a national security memorandum designed to help strengthen the security of critical infrastructure by setting baseline performance goals for critical infrastructure owners and operators. [...]

https://www.bleepingcomputer.com/news/security/new-us-security-memorandum-bolsters-critical-infrastructure-cybersecurity/

Grief ransomware operation is DoppelPaymer rebranded

After a period of little to no activity, the DoppelPaymer ransomware operation has made a rebranding move, now going by the name Grief (a.k.a. Pay or Grief). [...]

https://www.bleepingcomputer.com/news/security/grief-ransomware-operation-is-doppelpaymer-rebranded/

Chipotle’s marketing account hacked to send phishing emails

Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails luring recipients to malicious links. [...]

https://www.bleepingcomputer.com/news/security/chipotle-s-marketing-account-hacked-to-send-phishing-emails/

New destructive Meteor wiper malware used in Iranian railway attack

A new file wiping malware called Meteor was discovered used in the recent attacks against Iran's railway system. [...]

https://www.bleepingcomputer.com/news/security/new-destructive-meteor-wiper-malware-used-in-iranian-railway-attack/

NSA shares guidance on how to secure your wireless devices

The US National Security Agency (NSA) today published guidance on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely. [...]

https://www.bleepingcomputer.com/news/security/nsa-shares-guidance-on-how-to-secure-your-wireless-devices/

Windows 11 closer to release, latest build enters Beta Channel

Microsoft today announced that Windows 11 is getting more stable and closer to release, with the latest Insider build being promoted to the Beta Channel. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-closer-to-release-latest-build-enters-beta-channel/

Estonia arrests hacker who stole 286K ID scans from govt database

A Tallinn man was arrested a week ago in Estonia under suspicion that he has exploited a government photo transfer service vulnerability to download ID scans of 286,438 Estonians from the Identity Documents Database (KMAIS). [...]

https://www.bleepingcomputer.com/news/security/estonia-arrests-hacker-who-stole-286k-id-scans-from-govt-database/

Windows 10 KB5004296 Cumulative Update released with gaming fixes

Microsoft has released the optional KB5004296 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. This update contains fixes for gaming issues experienced by Windows 10 users since March. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5004296-cumulative-update-released-with-gaming-fixes/

Microsoft shares mitigation for recent Windows Server printing issues

Microsoft has released temporary mitigation info for a known issue that might cause print and scan failures on multiple Windows Server versions after installing July 2021 security updates on domain controllers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-recent-windows-server-printing-issues/

PyPI packages caught stealing credit card numbers, Discord tokens

The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users' credit card numbers, Discord tokens, and granting arbitrary code execution capabilities to attackers. These malicious packages were downloaded over 30,000 times according to the researchers who caught them. [...]

https://www.bleepingcomputer.com/news/security/pypi-packages-caught-stealing-credit-card-numbers-discord-tokens/

Google to block logins on old Android devices starting September

Google is emailing Android users to let them know that, starting late September, they will no longer be able to log in to their Google accounts on devices running Android 2.3.7 (Gingerbread) and lower. [...]

https://www.bleepingcomputer.com/news/google/google-to-block-logins-on-old-android-devices-starting-september/

Linux eBPF bug gets root privileges on Ubuntu - Exploit released

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF (Extended Berkeley Packet Filter) that can give an attacker increased privileges on Ubuntu machines. [...]

https://www.bleepingcomputer.com/news/security/linux-ebpf-bug-gets-root-privileges-on-ubuntu-exploit-released/

Amazon gets $888 million GDPR fine for behavioral advertising

Amazon has quietly been hit with a record-breaking €746 million fine for alleged GDPR violations regarding how it performs targeted behavioral advertising. [...]

https://www.bleepingcomputer.com/news/technology/amazon-gets-888-million-gdpr-fine-for-behavioral-advertising/

Windows 10 now lets you install WSL with a single command

Microsoft says the Windows Subsystem for Linux (WSL) can now be installed on Windows 10, version 2004 or later using a single terminal command. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-now-lets-you-install-wsl-with-a-single-command/

CISA launches vulnerability disclosure platform for federal agencies

The Cybersecurity and Infrastructure Security Agency (CISA) today launched a new vulnerability disclosure policy (VDP) platform for US federal civilian agencies. [...]

https://www.bleepingcomputer.com/news/security/cisa-launches-vulnerability-disclosure-platform-for-federal-agencies/

Node.js fixes severe HTTP bug that could let attackers crash apps

Node.js has released updates for a high severity vulnerability that could be exploited by attackers to crash the process and cause unexpected behaviors. The use-after-free vulnerability, tracked as CVE-2021-22930 is to do with how HTTP2 streams are handled in the language. [...]

https://www.bleepingcomputer.com/news/security/nodejs-fixes-severe-http-bug-that-could-let-attackers-crash-apps/

The Week in Ransomware - July 30th 2021 - €1 billion saved

Ransomware continues to be active this week, with new threat actors releasing new features, No More Ransom turning five, and a veteran group rebrands. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-30th-2021-1-billion-saved/