WhatsApp to appeal $266 million fine for violating EU privacy laws

Ireland's Data Privacy Commissioner (DPC) has hit Facebook-owned messaging platform WhatsApp with a €225 million ($266 million) administrative fine for violating the EU's GDPR privacy regulation after failing to inform users and non-users on what it does with their data. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-to-appeal-266-million-fine-for-violating-eu-privacy-laws/

Microsoft releases first Windows 11 "Nickel" build to Insiders

Microsoft has released the first Windows 11 "Nickel" preview build 22449 to Windows Insiders in the 'Dev' channel, allowing them to test out new unstable features that are still being developed. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-11-nickel-build-to-insiders/

FBI warns of ransomware gangs targeting food, agriculture orgs

The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-ransomware-gangs-targeting-food-agriculture-orgs/

Atlassian Confluence flaw actively exploited to install cryptominers

Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released. [...]

https://www.bleepingcomputer.com/news/security/atlassian-confluence-flaw-actively-exploited-to-install-cryptominers/

Translated Conti ransomware playbook gives insight into attacks

Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation. [...]

https://www.bleepingcomputer.com/news/security/translated-conti-ransomware-playbook-gives-insight-into-attacks/

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors. [...]

https://www.bleepingcomputer.com/news/security/bluetooth-braktooth-bugs-could-affect-billions-of-devices/

Over 60,000 parked domains were left up for hijacking

Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness. [...]

https://www.bleepingcomputer.com/news/security/over-60-000-parked-domains-were-left-up-for-hijacking/

FBI: Spike in sextortion attacks cost victims $8 million this year

The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. [...]

https://www.bleepingcomputer.com/news/security/fbi-spike-in-sextortion-attacks-cost-victims-8-million-this-year/

Microsoft releases Windows 11 feature update for enterprise testing

Microsoft has released Windows 11 and Windows 10, version 21H2 feature updates for enterprise testing before they will be released later this year. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-11-feature-update-for-enterprise-testing/

Conti ransomware now hacking Exchange servers with ProxyShell exploits

The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. [...]

https://www.bleepingcomputer.com/news/security/conti-ransomware-now-hacking-exchange-servers-with-proxyshell-exploits/

Babuk ransomware's full source code leaked on hacker forum

A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomwares-full-source-code-leaked-on-hacker-forum/

US govt warns orgs to patch massively exploited Confluence bug

US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-orgs-to-patch-massively-exploited-confluence-bug/

Microsoft breaks Windows 11 Start Menu, Taskbar with Teams promo

Microsoft accidentally broke the Start menu and taskbar on systems of Windows Insiders after pushing a Teams promo to the desktops of users running Windows 11 preview builds. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-breaks-windows-11-start-menu-taskbar-with-teams-promo/

The Week in Ransomware - September 3rd 2021 - Targeting Exchange

Over the past two weeks, it has been busy with ransomware news ranging from a gang shutting down and releasing a master decryption key to threat actors turning to Microsoft Exchange exploits to breach networks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-3rd-2021-targeting-exchange/

Windows 11 may not get security updates on unsupported devices

Microsoft is turning a blind eye to a loophole that allows you to install Windows 11 on incompatible hardware but warns that your device may no longer receive security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-may-not-get-security-updates-on-unsupported-devices/

US SEC: Watch out for Hurricane Ida-related investment scams

The US Securities and Exchange Commission has warned investors to be "extremely wary" of potential investment scams related to Hurricane Ida's aftermath. [...]

https://www.bleepingcomputer.com/news/security/us-sec-watch-out-for-hurricane-ida-related-investment-scams/

Watch out for new malware campaign”s 'Windows 11 Alpha' attachment

Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. [...]

https://www.bleepingcomputer.com/news/security/watch-out-for-new-malware-campaign-s-windows-11-alpha-attachment/

Google's TensorFlow drops YAML support due to code execution flaw

TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability. YAML is a convenient choice among developers looking for a human-readable data serialization language. [...]

https://www.bleepingcomputer.com/news/security/googles-tensorflow-drops-yaml-support-due-to-code-execution-flaw/

Office 365 to let admins block Active Content on Trusted Docs

Microsoft plans to allow Office 365 admins ensure that end-users can't ignore organization-wide policies set up to block active content on Trusted Documents. [...]

https://www.bleepingcomputer.com/news/security/office-365-to-let-admins-block-active-content-on-trusted-docs/

Windows 11 dark mode has quieter, more soothing sounds - Listen now

Windows 11 brings a redesigned user interface and an overhaul to the system sounds, including different sounds for Light Mode and Dark Mode. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-dark-mode-has-quieter-more-soothing-sounds-listen-now/

Ransomware gangs target companies using these criteria

Ransomware gangs increasingly purchase access to a victim's network on dark web marketplaces and from other threat actors. Analyzing their want ads makes it possible to get an inside look at the types of companies ransomware operations are targeting for attacks. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-target-companies-using-these-criteria/