Microsoft fixes bug letting hackers take over Azure containers

Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. [...]

https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/

Windows MSHTML zero-day defenses bypassed as new info emerges

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/

MyRepublic discloses data breach exposing government ID cards

MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...]

https://www.bleepingcomputer.com/news/security/myrepublic-discloses-data-breach-exposing-government-id-cards/

The Week in Ransomware - September 10th 2021 - REvil returns

This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-10th-2021-revil-returns/

REvil ransomware is back in full attack mode and leaking data

The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-is-back-in-full-attack-mode-and-leaking-data/

Windows MSHTML zero-day exploits shared on hacking forums

Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/

Windows 11 Android support spotted online ahead of launch

Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11's Android support will require at least 8GB of RAM. For the best experience, 16GB is RAM is recommended. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-android-support-spotted-online-ahead-of-launch/

BlackMatter ransomware hits medical technology giant Olympus

Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. [...]

https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-hits-medical-technology-giant-olympus/

Hacker-made Linux Cobalt Strike beacon used in ongoing attacks

An unofficial Cobalt Strike Beacon version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide. [...]

https://www.bleepingcomputer.com/news/security/hacker-made-linux-cobalt-strike-beacon-used-in-ongoing-attacks/

Walmart press release hoax causes Litecoin to spike 34%

A fake Walmart press release stating that the retail chain would begin accepting Litecoin caused the cryptocurrency to jump by almost 35% this morning. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/walmart-press-release-hoax-causes-litecoin-to-spike-34-percent/

FTC warns of extortionists targeting LGBTQ+ community on dating apps

The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld. [...]

https://www.bleepingcomputer.com/news/security/ftc-warns-of-extortionists-targeting-lgbtq-plus-community-on-dating-apps/

Apple fixes iOS zero-day used to deploy NSO iPhone spyware

Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. [...]

https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/

Firefox now bypasses Windows 11's messy default browser settings

Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. [...]

https://www.bleepingcomputer.com/news/microsoft/firefox-now-bypasses-windows-11s-messy-default-browser-settings/

Google patches 10th Chrome zero-day exploited in the wild this year

Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild. [...]

https://www.bleepingcomputer.com/news/google/google-patches-10th-chrome-zero-day-exploited-in-the-wild-this-year/

Millions of HP OMEN gaming PCs impacted by driver vulnerability

Millions of HP OMEN laptop and desktop gaming computers are exposed to attacks by a high severity vulnerability that can let threat actors trigger denial of service states or escalate privileges and disable security solutions. [...]

https://www.bleepingcomputer.com/news/security/millions-of-hp-omen-gaming-pcs-impacted-by-driver-vulnerability/

New Zloader attacks disable Windows Defender to evade detection

An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus (formerly Windows Defender) on victims' computers to evade detection. [...]

https://www.bleepingcomputer.com/news/security/new-zloader-attacks-disable-windows-defender-to-evade-detection/

Microsoft: Windows 10 2004 reaches end of service in December

Microsoft has reminded customers today that Windows 10 2004 (all editions) and Windows Server 2004 (Datacenter, Standard editions) will reach the end of servicing on December 14, 2021. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-2004-reaches-end-of-service-in-december/

Windows 10 KB5005565 & KB5005566 cumulative updates released

Today's cumulative updates include security fixes for PCs with May 2021 Update (version 21H1), October 2020 Update (version 20H2), and May 2020 Update (version 2004). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5005565-and-kb5005566-cumulative-updates-released/

Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws

Today is Microsoft's September 2021 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 61 flaws. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2021-patch-tuesday-fixes-2-zero-days-60-flaws/

Google Chromebook bug causes black screens after login

Google is investigating reports of black screens showing up on users' Chromebooks when trying to log into their Chrome OS accounts. [...]

https://www.bleepingcomputer.com/news/google/google-chromebook-bug-causes-black-screens-after-login/

Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug

Microsoft today fixed a high severity zero-day vulnerability actively exploited in targeted attacks against Microsoft Office and Office 365 on Windows 10 computers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-cve-2021-40444-mshtml-zero-day-bug/