New Elevation of Privilege Vulnerability Found in Cisco WebEx Meetings
A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using the SYSTEM user privileges. [...]
https://www.bleepingcomputer.com/news/security/new-elevation-of-privilege-vulnerability-found-in-cisco-webex-meetings/
A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using the SYSTEM user privileges. [...]
https://www.bleepingcomputer.com/news/security/new-elevation-of-privilege-vulnerability-found-in-cisco-webex-meetings/
BleepingComputer
New Elevation of Privilege Vulnerability Found in Cisco WebEx Meetings
A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using the SYSTEM user privileges.
Icons and Screenshots of Microsoft's Chromium-based Edge Browser Leaked Online
Leaked images related to Microsoft's Chromium-based Edge browser have been leaked online this past week. These images include ones allegedly for the Edge installer and what appears to be a Edge Canary icon. [...]
https://www.bleepingcomputer.com/news/microsoft/icons-and-screenshots-of-microsofts-chromium-based-edge-browser-leaked-online/
Leaked images related to Microsoft's Chromium-based Edge browser have been leaked online this past week. These images include ones allegedly for the Edge installer and what appears to be a Edge Canary icon. [...]
https://www.bleepingcomputer.com/news/microsoft/icons-and-screenshots-of-microsofts-chromium-based-edge-browser-leaked-online/
BleepingComputer
Icons and Screenshots of Microsoft's Chromium-based Edge Browser Leaked Online
Leaked images related to Microsoft's Chromium-based Edge browser have been leaked online this past week. These images include ones allegedly for the Edge installer and what appears to be a Edge Canary icon.
Social Media Attacks Generate $3.25 Billion for Crooks Each Year
Cybercriminals are becoming more clever every year when it comes to exploiting the trust of social media users and this translates into increased earnings, with malicious activities targeting social media platforms netting criminals roughly $3.25 billion per year. [...]
https://www.bleepingcomputer.com/news/security/social-media-attacks-generate-325-billion-for-crooks-each-year/
Cybercriminals are becoming more clever every year when it comes to exploiting the trust of social media users and this translates into increased earnings, with malicious activities targeting social media platforms netting criminals roughly $3.25 billion per year. [...]
https://www.bleepingcomputer.com/news/security/social-media-attacks-generate-325-billion-for-crooks-each-year/
BleepingComputer
Social Media Attacks Generate $3.25 Billion for Crooks Each Year
Cybercriminals are becoming more clever every year when it comes to exploiting the trust of social media users and this translates into increased earnings, with malicious activities targeting social media platforms netting criminals roughly $3.25 billionβ¦
Outlook and Microsoft Account Phishing Emails Utilize Azure Blob Storage
Researchers have found two ongoing phishing campaigns utilizing Microsoft's Azure Blob Storage in order to steal recipient's Outlook and Microsoft account credentials. Both of these campaigns use convincing landing pages that utilize SSL certificates and the windows.net domain to appear legitimate. [...]
https://www.bleepingcomputer.com/news/security/outlook-and-microsoft-account-phishing-emails-utilize-azure-blob-storage/
Researchers have found two ongoing phishing campaigns utilizing Microsoft's Azure Blob Storage in order to steal recipient's Outlook and Microsoft account credentials. Both of these campaigns use convincing landing pages that utilize SSL certificates and the windows.net domain to appear legitimate. [...]
https://www.bleepingcomputer.com/news/security/outlook-and-microsoft-account-phishing-emails-utilize-azure-blob-storage/
BleepingComputer
Outlook and Microsoft Account Phishing Emails Utilize Azure Blob Storage
Researchers have found two ongoing phishing campaigns utilizing Microsoft's Azure Blob Storage in order to steal recipient's Outlook and Microsoft account credentials. Both of these campaigns use convincing landing pages that utilize SSL certificates andβ¦
Coinhive In-Browser Cryptomining Service Shuts Down on March 8
The Coinhive cryptomining mining service which was designed to offer web developers a JavaScript-based Monero miner announced that it will discontinue its services on March 8, 2019. [...]
https://www.bleepingcomputer.com/news/technology/coinhive-in-browser-cryptomining-service-shuts-down-on-march-8/
The Coinhive cryptomining mining service which was designed to offer web developers a JavaScript-based Monero miner announced that it will discontinue its services on March 8, 2019. [...]
https://www.bleepingcomputer.com/news/technology/coinhive-in-browser-cryptomining-service-shuts-down-on-march-8/
BleepingComputer
Coinhive In-Browser Cryptomining Service Shuts Down on March 8
The Coinhive cryptomining mining service which was designed to offer web developers a JavaScript-based Monero miner announced that it will discontinue its services on March 8, 2019.
Topps.com Sports Collectible Site Exposes Payment Info in MageCart Attack
The sports trading card and collectible company Topps disclosed issued a data breach notification stating that it was affected by an attack, which possibly exposed the payment and address information of its customers. [...]
https://www.bleepingcomputer.com/news/security/toppscom-sports-collectible-site-exposes-payment-info-in-magecart-attack/
The sports trading card and collectible company Topps disclosed issued a data breach notification stating that it was affected by an attack, which possibly exposed the payment and address information of its customers. [...]
https://www.bleepingcomputer.com/news/security/toppscom-sports-collectible-site-exposes-payment-info-in-magecart-attack/
BleepingComputer
Topps.com Sports Collectible Site Exposes Payment Info in MageCart Attack
The sports trading card and collectible company Topps disclosed issued a data breach notification stating that it was affected by an attack, which possibly exposed the payment and address information of its customers.
Microsoft Announces Azure Sentinel and Threat Experts Cloud-Based Tech
Microsoft announced its new cloud-based Microsoft Azure Sentinel and Microsoft Threat Experts solutions designed to allow security professionals to react faster and provide adequate responses during cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/microsoft-announces-azure-sentinel-and-threat-experts-cloud-based-tech/
Microsoft announced its new cloud-based Microsoft Azure Sentinel and Microsoft Threat Experts solutions designed to allow security professionals to react faster and provide adequate responses during cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/microsoft-announces-azure-sentinel-and-threat-experts-cloud-based-tech/
BleepingComputer
Microsoft Announces Azure Sentinel and Threat Experts Cloud-Based Tech
Microsoft announced its new cloud-based Microsoft Azure Sentinel and Microsoft Threat Experts solutions designed to allow security professionals to react faster and provide adequate responses during cyber attacks.
MageCart Group Evolves Tactics To Better Steal Your Credit Cards
There are at least a dozen Magecart groups that try to plant their code for skimming payment card data on online stores, but not all of them are equally advanced. Group 4 has taken cybercrime activity to a professional level. [...]
https://www.bleepingcomputer.com/news/security/magecart-group-evolves-tactics-to-better-steal-your-credit-cards/
There are at least a dozen Magecart groups that try to plant their code for skimming payment card data on online stores, but not all of them are equally advanced. Group 4 has taken cybercrime activity to a professional level. [...]
https://www.bleepingcomputer.com/news/security/magecart-group-evolves-tactics-to-better-steal-your-credit-cards/
BleepingComputer
MageCart Group Evolves Tactics To Better Steal Your Credit Cards
There are at least a dozen Magecart groups that try to plant their code for skimming payment card data on online stores, but not all of them are equally advanced. Group 4 has taken cybercrime activity to a professional level.
Cisco Fixes Critical RCE Vulnerability in RV110W, RV130W, and RV215W Routers
Cisco fixed a critical remote code execution vulnerability present in the web-based management interface of the RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-rce-vulnerability-in-rv110w-rv130w-and-rv215w-routers/
Cisco fixed a critical remote code execution vulnerability present in the web-based management interface of the RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-rce-vulnerability-in-rv110w-rv130w-and-rv215w-routers/
BleepingComputer
Cisco Fixes Critical RCE Vulnerability in RV110W, RV130W, and RV215W Routers
Cisco fixed a critical remote code execution vulnerability present in the web-based management interface of the RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router.
Microsoft Releases Windows 10 Build 18845 (20H1) With Emoji 12.0 and Fixes
Microsoft has released Windows 10 Insider Preview Build 18845 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include the finalized Emoji 12.0 emojis and Microsoft has associated keywords with them so you can search for particular ones. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18845-20h1-with-emoji-120-and-fixes/
Microsoft has released Windows 10 Insider Preview Build 18845 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include the finalized Emoji 12.0 emojis and Microsoft has associated keywords with them so you can search for particular ones. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18845-20h1-with-emoji-120-and-fixes/
BleepingComputer
Microsoft Releases Windows 10 Build 18845 (20H1) With Emoji 12.0 and Fixes
Microsoft has released Windows 10 Insider Preview Build 18845 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include the finalized Emoji 12.0 emojis and Microsoft has associated keywords with them so you can search forβ¦
YouTube Disables Comments on Videos with Young Children
YouTube announced that comments on videos featuring young minors are being disabled all across the platform to counteract predatory behavior, with only a few exceptions where the YouTube team will closely work with the channels to actively moderate comments. [...]
https://www.bleepingcomputer.com/news/security/youtube-disables-comments-on-videos-with-young-children/
YouTube announced that comments on videos featuring young minors are being disabled all across the platform to counteract predatory behavior, with only a few exceptions where the YouTube team will closely work with the channels to actively moderate comments. [...]
https://www.bleepingcomputer.com/news/security/youtube-disables-comments-on-videos-with-young-children/
BleepingComputer
YouTube Disables Comments on Videos with Young Children
YouTube announced that comments on videos featuring young minors are being disabled all across the platform to counteract predatory behavior, with only a few exceptions where the YouTube team will closely work with the channels to actively moderate comments.
App Security Improvement Alerts Android Devs of 6 New Vulnerabilities
Google announced the addition of six extra vulnerability warnings to the Application Security Improvement (ASI) program after previously announcing updates for the Google Play Protect, the built-in malware protection for Android. [...]
https://www.bleepingcomputer.com/news/security/app-security-improvement-alerts-android-devs-of-6-new-vulnerabilities/
Google announced the addition of six extra vulnerability warnings to the Application Security Improvement (ASI) program after previously announcing updates for the Google Play Protect, the built-in malware protection for Android. [...]
https://www.bleepingcomputer.com/news/security/app-security-improvement-alerts-android-devs-of-6-new-vulnerabilities/
BleepingComputer
App Security Improvement Alerts Android Devs of 6 New Vulnerabilities
Google announced the addition of six extra vulnerability warnings to the Application Security Improvement (ASI) program after previously announcing updates for the Google Play Protect, the built-in malware protection for Android.
Wireshark 3 Released with New Npcap Windows Packet Capturing Driver
Wireshark 3.0.0 was released today, replacing the no longer maintained WinPcap packet capture library with the Npcap packet sniffing and sending library for Windows, created by Gordon Lyon the founder of the Nmap project. [...]
https://www.bleepingcomputer.com/news/software/wireshark-3-released-with-new-npcap-windows-packet-capturing-driver/
Wireshark 3.0.0 was released today, replacing the no longer maintained WinPcap packet capture library with the Npcap packet sniffing and sending library for Windows, created by Gordon Lyon the founder of the Nmap project. [...]
https://www.bleepingcomputer.com/news/software/wireshark-3-released-with-new-npcap-windows-packet-capturing-driver/
BleepingComputer
Wireshark 3 Released with New Npcap Windows Packet Capturing Driver
Wireshark 3.0.0 was released today, replacing the no longer maintained WinPcap packet capture library with the Npcap packet sniffing and sending library for Windows, created by Gordon Lyon the founder of the Nmap project.
Kaspersky AV Having Certificate Conflicts with Google Chromecast
Users of Kaspersky Antivirus have been complaining since the end of January that when they open Chrome Kaspersky displays numerous alerts stating that there is a problem with a self-signed certificate. It turns out this is being caused by a conflict with a Chromecast device on their network that they may not know even existed. [...]
https://www.bleepingcomputer.com/news/security/kaspersky-av-having-certificate-conflicts-with-google-chromecast/
Users of Kaspersky Antivirus have been complaining since the end of January that when they open Chrome Kaspersky displays numerous alerts stating that there is a problem with a self-signed certificate. It turns out this is being caused by a conflict with a Chromecast device on their network that they may not know even existed. [...]
https://www.bleepingcomputer.com/news/security/kaspersky-av-having-certificate-conflicts-with-google-chromecast/
BleepingComputer
Kaspersky AV Having Certificate Conflicts with Google Chromecast
Users of Kaspersky Antivirus have been complaining since the end of January that when they open Chrome Kaspersky displays numerous alerts stating that there is a problem with a self-signed certificate. It turns out this is being caused by a conflict withβ¦
First Hacker Millionaire on HackerOne
At 19, Santiago Lopez is already counting earnings totaling over USD 1 million from reporting security vulnerabilities through vulnerability coordination and bug bounty program HackerOne. He's the first to make this kind of money on the platform. [...]
https://www.bleepingcomputer.com/news/security/first-hacker-millionaire-on-hackerone/
At 19, Santiago Lopez is already counting earnings totaling over USD 1 million from reporting security vulnerabilities through vulnerability coordination and bug bounty program HackerOne. He's the first to make this kind of money on the platform. [...]
https://www.bleepingcomputer.com/news/security/first-hacker-millionaire-on-hackerone/
BleepingComputer
First Hacker Millionaire on HackerOne
At 19, Santiago Lopez is already counting earnings totaling over USD 1 million from reporting security vulnerabilities through vulnerability coordination and bug bounty program HackerOne. He's the first to make this kind of money on the platform.
Chrome and Firefox Can Take Screenshots of Sites From the Command Line
Both Chrome and Firefox have the ability to take screenshots of web sites directly from the command line. This allows you to create scripts or scheduled tasks that automatically take screenshots of web sites at various intervals. [...]
https://www.bleepingcomputer.com/news/software/chrome-and-firefox-can-take-screenshots-of-sites-from-the-command-line/
Both Chrome and Firefox have the ability to take screenshots of web sites directly from the command line. This allows you to create scripts or scheduled tasks that automatically take screenshots of web sites at various intervals. [...]
https://www.bleepingcomputer.com/news/software/chrome-and-firefox-can-take-screenshots-of-sites-from-the-command-line/
BleepingComputer
Chrome and Firefox Can Take Screenshots of Sites From the Command Line
Both Chrome and Firefox have the ability to take screenshots of web sites directly from the command line. This allows you to create scripts or scheduled tasks that automatically take screenshots of web sites at various intervals.
Phisher Announces More Attacks Against Hedge Funds and Financial Firms
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future. [...]
https://www.bleepingcomputer.com/news/security/phisher-announces-more-attacks-against-hedge-funds-and-financial-firms/
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future. [...]
https://www.bleepingcomputer.com/news/security/phisher-announces-more-attacks-against-hedge-funds-and-financial-firms/
BleepingComputer
Phisher Announces More Attacks Against Hedge Funds and Financial Firms
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future.
Update ColdFusion Now, Critical Zero-Day Bug Exploited in the Wild
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/update-coldfusion-now-critical-zero-day-bug-exploited-in-the-wild/
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/update-coldfusion-now-critical-zero-day-bug-exploited-in-the-wild/
BleepingComputer
Update ColdFusion Now, Critical Zero-Day Bug Exploited in the Wild
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild.
The Week in Ransomware - March 1st 2019 - Cr1ptT0r, B0r0nt0K, and More
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2019-cr1ptt0r-b0r0nt0k-and-more/
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2019-cr1ptt0r-b0r0nt0k-and-more/
BleepingComputer
The Week in Ransomware - March 1st 2019 - Cr1ptT0r, B0r0nt0K, and More
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections.
Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN. [...]
https://www.bleepingcomputer.com/news/security/ransomware-pretends-to-be-proton-security-team-securing-data-from-hackers/
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN. [...]
https://www.bleepingcomputer.com/news/security/ransomware-pretends-to-be-proton-security-team-securing-data-from-hackers/
BleepingComputer
Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN.
Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-kb4482887-released-with-performance-fix-for-spectre-bug/
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-kb4482887-released-with-performance-fix-for-spectre-bug/
BleepingComputer
Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes.