Windows 10 KB5005101 Cumulative Update released with 34 fixes

Microsoft has released the optional KB5005101 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1 with fixes for thirty-four issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5005101-cumulative-update-released-with-34-fixes/

Windows Terminal now lets you drag and drop folders to open tabs

Microsoft released Windows Terminal Preview v1.11 yesterday, and comes numerous improvements and features, including the ability to open a Terminal window by dropping a folder on the new tab button. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-terminal-now-lets-you-drag-and-drop-folders-to-open-tabs/

Autodesk reveals it was targeted by Russian SolarWinds hackers

Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack, almost nine months after discovering that one of its servers was backdoored with Sunburst malware. [...]

https://www.bleepingcomputer.com/news/security/autodesk-reveals-it-was-targeted-by-russian-solarwinds-hackers/

Cisco fixes critical authentication bypass bug with public exploit

Cisco has addressed an almost maximum severity authentication bypass Enterprise NFV Infrastructure Software (NFVIS) vulnerability with public proof-of-concept (PoC) exploit code. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-authentication-bypass-bug-with-public-exploit/

WhatsApp to appeal $266 million fine for violating EU privacy laws

Ireland's Data Privacy Commissioner (DPC) has hit Facebook-owned messaging platform WhatsApp with a €225 million ($266 million) administrative fine for violating the EU's GDPR privacy regulation after failing to inform users and non-users on what it does with their data. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-to-appeal-266-million-fine-for-violating-eu-privacy-laws/

Microsoft releases first Windows 11 "Nickel" build to Insiders

Microsoft has released the first Windows 11 "Nickel" preview build 22449 to Windows Insiders in the 'Dev' channel, allowing them to test out new unstable features that are still being developed. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-11-nickel-build-to-insiders/

FBI warns of ransomware gangs targeting food, agriculture orgs

The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-ransomware-gangs-targeting-food-agriculture-orgs/

Atlassian Confluence flaw actively exploited to install cryptominers

Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released. [...]

https://www.bleepingcomputer.com/news/security/atlassian-confluence-flaw-actively-exploited-to-install-cryptominers/

Translated Conti ransomware playbook gives insight into attacks

Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation. [...]

https://www.bleepingcomputer.com/news/security/translated-conti-ransomware-playbook-gives-insight-into-attacks/

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors. [...]

https://www.bleepingcomputer.com/news/security/bluetooth-braktooth-bugs-could-affect-billions-of-devices/

Over 60,000 parked domains were left up for hijacking

Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness. [...]

https://www.bleepingcomputer.com/news/security/over-60-000-parked-domains-were-left-up-for-hijacking/

FBI: Spike in sextortion attacks cost victims $8 million this year

The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. [...]

https://www.bleepingcomputer.com/news/security/fbi-spike-in-sextortion-attacks-cost-victims-8-million-this-year/

Microsoft releases Windows 11 feature update for enterprise testing

Microsoft has released Windows 11 and Windows 10, version 21H2 feature updates for enterprise testing before they will be released later this year. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-11-feature-update-for-enterprise-testing/

Conti ransomware now hacking Exchange servers with ProxyShell exploits

The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. [...]

https://www.bleepingcomputer.com/news/security/conti-ransomware-now-hacking-exchange-servers-with-proxyshell-exploits/

Babuk ransomware's full source code leaked on hacker forum

A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomwares-full-source-code-leaked-on-hacker-forum/

US govt warns orgs to patch massively exploited Confluence bug

US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-orgs-to-patch-massively-exploited-confluence-bug/

Microsoft breaks Windows 11 Start Menu, Taskbar with Teams promo

Microsoft accidentally broke the Start menu and taskbar on systems of Windows Insiders after pushing a Teams promo to the desktops of users running Windows 11 preview builds. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-breaks-windows-11-start-menu-taskbar-with-teams-promo/

The Week in Ransomware - September 3rd 2021 - Targeting Exchange

Over the past two weeks, it has been busy with ransomware news ranging from a gang shutting down and releasing a master decryption key to threat actors turning to Microsoft Exchange exploits to breach networks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-3rd-2021-targeting-exchange/

Windows 11 may not get security updates on unsupported devices

Microsoft is turning a blind eye to a loophole that allows you to install Windows 11 on incompatible hardware but warns that your device may no longer receive security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-may-not-get-security-updates-on-unsupported-devices/

US SEC: Watch out for Hurricane Ida-related investment scams

The US Securities and Exchange Commission has warned investors to be "extremely wary" of potential investment scams related to Hurricane Ida's aftermath. [...]

https://www.bleepingcomputer.com/news/security/us-sec-watch-out-for-hurricane-ida-related-investment-scams/

Watch out for new malware campaign”s 'Windows 11 Alpha' attachment

Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. [...]

https://www.bleepingcomputer.com/news/security/watch-out-for-new-malware-campaign-s-windows-11-alpha-attachment/