Windows 11 stock photo leaks upcoming Microsoft Paint redesign

An official stock photo of Windows 11 has accidentally revealed the upcoming redesign of the Microsoft Paint application. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-stock-photo-leaks-upcoming-microsoft-paint-redesign/

Windows 11 future updates: Here's everything you need to know

With Windows 11, Microsoft is retaining Windows 10's servicing model known as 'Windows as a Service (WaaS)'. As part of WaaS, Microsoft plans to deliver an always up-to-date experience with the latest features and security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-future-updates-heres-everything-you-need-to-know/

PwnedPiper critical bug set impacts major hospitals in North America

Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper. [...]

https://www.bleepingcomputer.com/news/security/pwnedpiper-critical-bug-set-impacts-major-hospitals-in-north-america/

Empty npm package '-' has over 700,000 downloads — here's why

A mysterious, one-letter npm package named "-" sitting on the registry since 2020 has received over 700,000 downloads. What's more? The package contains no functional code, so what makes it score so many downloads? [...]

https://www.bleepingcomputer.com/news/software/empty-npm-package-has-over-700-000-downloads-heres-why/

Windows PetitPotam attacks can be blocked using new method

Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-attacks-can-be-blocked-using-new-method/

Microsoft's Windows 365 Cloud PC service is live - Costs from $24 to $162

Microsoft's Windows 365 Cloud PC service is now generally available, allowing businesses to deploy Windows 10 desktops in the cloud for prices ranging between $24 and $162 per device. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-windows-365-cloud-pc-service-is-live-costs-from-24-to-162/

Windows 10 to automatically block potentially unwanted apps

Microsoft Defender and Microsoft Edge on Windows 10 will automatically block potentially unwanted applications (PUAs) by default starting this month. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-to-automatically-block-potentially-unwanted-apps/

Google Chrome to no longer show secure website indicators

Google Chrome will no longer show whether a site you are visiting is secure and only show when you visit an insecure website. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-to-no-longer-show-secure-website-indicators/

Windows 11's October 2021 release date hinted in support docs

A planned October 2021 release date for Windows 11 has been accidentally leaked in support documents from both Microsoft and Intel. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11s-october-2021-release-date-hinted-in-support-docs/

RansomEXX ransomware hits Italy's Lazio region, affects COVID-19 site

The Lazio region in Italy has suffered a RansomEXX ransomware attack that has disabled the region's IT systems, including the COVID-19 vaccination registration portal. [...]

https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-hits-italys-lazio-region-affects-covid-19-site/

Microsoft halts Windows 365 trials after running out of servers

Microsoft has suspended free trials of their newly launched Windows 365 Cloud PC service after running out of available servers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-halts-windows-365-trials-after-running-out-of-servers/

NSA and CISA share Kubernetes security recommendations

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published comprehensive recommendations for strengthening the security of an organization's Kubernetes system. [...]

https://www.bleepingcomputer.com/news/security/nsa-and-cisa-share-kubernetes-security-recommendations/

New Cobalt Strike bugs allow takedown of attackers’ servers

Security researchers have discovered Cobalt Strike denial of service (DoS) vulnerabilities that allow blocking beacon command-and-control (C2) communication channels and new deployments. [...]

https://www.bleepingcomputer.com/news/security/new-cobalt-strike-bugs-allow-takedown-of-attackers-servers/

INFRA:HALT security bugs impact critical industrial control devices

High-severity and critical vulnerabilities collectively referred to as INFRA:HALT are affecting all versions of NicheStack below 4.3, a proprietary TCP/IP stack used by at least 200 industrial automation vendors, many in the leading segment of the market. [...]

https://www.bleepingcomputer.com/news/security/infra-halt-security-bugs-impact-critical-industrial-control-devices/

LockBit ransomware recruiting insiders to breach corporate networks

The LockBit 2.0 ransomware gang is actively recruiting corporate insiders to help them breach and encrypt networks. In return, the insider is promised million-dollar payouts. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-recruiting-insiders-to-breach-corporate-networks/

Windows admins now can block external devices via layered Group Policy

Microsoft has added support for layered Group Policies, which allow IT admins to control what internal or external devices users can be installed on corporate endpoints across their organization's network." [...]

https://www.bleepingcomputer.com/news/microsoft/windows-admins-now-can-block-external-devices-via-layered-group-policy/

Cisco fixes critical, high severity pre-auth flaws in VPN routers

Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and arbitrary code on vulnerable devices. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-high-severity-pre-auth-flaws-in-vpn-routers/

Energy group ERG reports minor disruptions after ransomware attack

Italian energy company ERG reports "only a few minor disruptions" affecting its information and communications technology (ICT) infrastructure following a ransomware attack on its systems. [...]

https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/

Microsoft Edge just got a 'Super Duper Secure Mode' upgrade

Microsoft has announced that the Edge Vulnerability Research team is experimenting with a new feature dubbed "Super Duper Secure Mode" and designed to bring security improvements without significant performance losses. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-just-got-a-super-duper-secure-mode-upgrade/

Telegram for Mac bug lets you save self-destructing messages forever

​Researchers have discovered a way for users on Telegram for Mac to keep specific self-destructing messages forever or view them without the sender ever knowing. [...]

https://www.bleepingcomputer.com/news/security/telegram-for-mac-bug-lets-you-save-self-destructing-messages-forever/

Google expects delays in enforcing 2FA for Chrome extension devs

Google says that enforcing two-step verification on Google accounts of Chrome Web Store developers will take longer than expected. [...]

https://www.bleepingcomputer.com/news/google/google-expects-delays-in-enforcing-2fa-for-chrome-extension-devs/