Europol says Home Routing mobile encryption feature aids criminals

Europol is proposing solutions to avoid challenges posed by privacy-enhancing technologies in Home Routing that hinder law enforcement's ability to intercept communications during criminal investigations. [...]

https://www.bleepingcomputer.com/news/security/europol-says-home-routing-mobile-encryption-feature-aids-criminals/

 Roblox vendor data breach exposes dev conference attendee info

Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. [...]

https://www.bleepingcomputer.com/news/security/roblox-vendor-data-breach-exposes-dev-conference-attendee-info/

 CloudSorcerer hackers abuse cloud services to steal Russian govt data

A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks. [...]

https://www.bleepingcomputer.com/news/security/cloudsorcerer-hackers-abuse-cloud-services-to-steal-russian-govt-data/

 RCE bug in widely used Ghostscript library now exploited in attacks

A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks. [...]

https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/

 Notepad finally gets spellcheck, autocorrect for all Windows 11 users

Microsoft has finally released a spell check and autocorrect feature in Notepad for all Windows 11 users, forty-one years after the program was introduced in 1983. [...]

https://www.bleepingcomputer.com/news/microsoft/notepad-finally-gets-spellcheck-autocorrect-for-all-windows-11-users/

 Russia forces Apple to remove dozens of VPN apps from App Store

Apple has removed 25 virtual private network (VPN) apps from the Russian App Store at the request of Roskomnadzor, Russia's telecommunications watchdog. [...]

https://www.bleepingcomputer.com/news/technology/russia-forces-apple-to-remove-dozens-of-vpn-apps-from-app-store/

 Avast releases free decryptor for DoNex ransomware and past variants

Antivirus company Avast have discovered a weakness in the cryptographic scheme of the DoNex ransomware family and released a decryptor so victims can recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/avast-releases-free-decryptor-for-donex-ransomware-and-past-variants/

 Microsoft: Windows 11 22H2 reaches end of service in October

Microsoft reminded customers today that multiple editions of Windows 11, version 22H2, will reach the end of servicing (EOS) in three months, on October 8, 2024. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-22h2-reaches-end-of-service-in-october/

 Neiman Marcus data breach: 31 million email addresses found exposed

A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data. [...]

https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/

 Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events

In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Fighters. [...]

https://www.bleepingcomputer.com/news/security/hackers-leak-39-000-print-at-home-ticketmaster-tickets-for-154-events/

 Computer maker Zotac exposed customers' RMA info on Google Search

Computer hardware maker Zotac has exposed return merchandise authorization (RMA) requests and related documents online for an unknown period, exposing sensitive customer information. [...]

https://www.bleepingcomputer.com/news/security/computer-maker-zotac-exposed-customers-rma-info-on-google-search/

 Evolve Bank says data breach impacts 7.6 million Americans

Evolve Bank & Trust (Evolve) is sending notices of a data breach to 7.6 million Americans whose data was stolen during a recent LockBit ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/evolve-bank-says-data-breach-impacts-76-million-americans/

 Chinese APT40 hackers hijack SOHO routers to launch attacks

An advisory by CISA and multiple international cybersecurity agencies highlights the tactics, techniques, and procedures (TTPs) of APT40 (aka "Kryptonite Panda"), a state-sponsored Chinese cyber-espionage actor. [...]

https://www.bleepingcomputer.com/news/security/chinese-apt40-hackers-hijack-soho-routers-to-launch-attacks/

 City of Philadelphia says over 35,000 hit in May 2023 breach

The City of Philadelphia revealed that a May 2024 disclosed in October impacted more than 35,000 individuals' personal and protected health information. [...]

https://www.bleepingcomputer.com/news/security/city-of-philadelphia-says-over-35-000-hit-in-may-2023-breach/

 Hackers target WordPress calendar plugin used by 150,000 sites

Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute code remotely. [...]

https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-calendar-plugin-used-by-150-000-sites/

 Windows 11 KB5040435 update released with 31 fixes, changes

Microsoft is rolling out the KB5040442 cumulative update for Windows 11 23H3, which includes up to thirty-two improvements and changes. The changes include a new feature that adds back the "Show Desktop" button, which Copilot replaced. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5040435-update-released-with-31-fixes-changes/

 Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days

Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2024-patch-tuesday-fixes-142-flaws-4-zero-days/

 Windows 10 KB5040427 update released with Copilot changes, 12 other fixes

Microsoft has released the KB5040427 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 13 changes, including Microsoft Copilot now behaving like an app, providing more flexibility on how it is displayed. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5040427-update-released-with-copilot-changes-12-other-fixes/

 Fujitsu confirms customer data exposed in March cyberattack

Fujitsu confirms that information related to some individuals and customers' business has been compromised during the data breach detected earlier this year. [...]

https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/

 New Blast-RADIUS attack bypasses widely-used RADIUS authentication

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. [...]

https://www.bleepingcomputer.com/news/security/new-blast-radius-attack-bypasses-widely-used-radius-authentication/

 US disrupts AI-powered bot farm pushing Russian propaganda on X

Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in a joint international law enforcement operation led by the U.S. Justice Department. [...]

https://www.bleepingcomputer.com/news/security/us-disrupts-ai-powered-bot-farm-pushing-russian-propaganda-on-x/