Google Photos Bug Exposed the Location & Time of Your Pictures
A vulnerability in the web version of Google Photos allowed websites to learn a user's location history based on the images they stored in the account. [...]
https://www.bleepingcomputer.com/news/security/google-photos-bug-exposed-the-location-and-time-of-your-pictures/
A vulnerability in the web version of Google Photos allowed websites to learn a user's location history based on the images they stored in the account. [...]
https://www.bleepingcomputer.com/news/security/google-photos-bug-exposed-the-location-and-time-of-your-pictures/
BleepingComputer
Google Photos Bug Exposed the Location & Time of Your Pictures
A vulnerability in the web version of Google Photos allowed websites to learn a user's location history based on the images they stored in the account.
Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites
One of the biggest threats facing online retailers are malicious scripts that attackers add to checkout pages in order to steal customer payment information. A new report released today details how the bedding sites MyPillow.com and Amerisleep.com were targeted with these types of of attacks. [...]
https://www.bleepingcomputer.com/news/security/payment-card-thieves-slip-into-mypillow-and-amerisleep-bedding-sites/
One of the biggest threats facing online retailers are malicious scripts that attackers add to checkout pages in order to steal customer payment information. A new report released today details how the bedding sites MyPillow.com and Amerisleep.com were targeted with these types of of attacks. [...]
https://www.bleepingcomputer.com/news/security/payment-card-thieves-slip-into-mypillow-and-amerisleep-bedding-sites/
BleepingComputer
Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites
One of the biggest threats facing online retailers are malicious scripts that attackers add to checkout pages in order to steal customer payment information. A new report released today details how the bedding sites MyPillow.com and Amerisleep.com were targetedβ¦
Google Fined $1.7 Billion for Anti-Competitive Practices in Online Advertising
Google was fined β¬1.494.459.000 ($1.698.064.094) or 1.29% of Google's 2018 turnover for abusing its market dominance to block rival advertising companies from displaying search ads on publisher search results pages says a European Commission statement published today. [...]
https://www.bleepingcomputer.com/news/security/google-fined-17-billion-for-anti-competitive-practices-in-online-advertising/
Google was fined β¬1.494.459.000 ($1.698.064.094) or 1.29% of Google's 2018 turnover for abusing its market dominance to block rival advertising companies from displaying search ads on publisher search results pages says a European Commission statement published today. [...]
https://www.bleepingcomputer.com/news/security/google-fined-17-billion-for-anti-competitive-practices-in-online-advertising/
BleepingComputer
Google Fined $1.7 Billion for Anti-Competitive Practices in Online Advertising
Google was fined β¬1.494.459.000 ($1.698.064.094) or 1.29% of Google's 2018 turnover for abusing its market dominance to block rival advertising companies from displaying search ads on publisher search results pages says a European Commission statement publishedβ¦
Microsoft Releases Windows 10 Build 18860 (20H1) With Swiftkey Enhancements
Microsoft has released Windows 10 Insider Preview Build 18860 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does add support for 39 languages in Switfkey. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18860-20h1-with-swiftkey-enhancements/
Microsoft has released Windows 10 Insider Preview Build 18860 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does add support for 39 languages in Switfkey. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18860-20h1-with-swiftkey-enhancements/
BleepingComputer
Microsoft Releases Windows 10 Build 18860 (20H1) With Swiftkey Enhancements
Microsoft has released Windows 10 Insider Preview Build 18860 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does add support for 39 languages in Switfkey.
1,600 Hotel Guests Secretly Live Streamed to 4,000+ Subscribers
Four individuals from South Korea were detained for secretly recording, live streaming, and selling spycam videos of 1600 motel guests between November 24 and March 2, with two of them being arrested and facing a maximum of five years in jail. [...]
https://www.bleepingcomputer.com/news/security/1-600-hotel-guests-secretly-live-streamed-to-4-000-subscribers/
Four individuals from South Korea were detained for secretly recording, live streaming, and selling spycam videos of 1600 motel guests between November 24 and March 2, with two of them being arrested and facing a maximum of five years in jail. [...]
https://www.bleepingcomputer.com/news/security/1-600-hotel-guests-secretly-live-streamed-to-4-000-subscribers/
BleepingComputer
1,600 Hotel Guests Secretly Live Streamed to 4,000+ Subscribers
Four individuals from South Korea were detained for secretly recording, live streaming, and selling spycam videos of 1600 motel guests between November 24 and March 2, with two of them being arrested and facing a maximum of five years in jail.
Windows 10 Insider Preview Build 18362 (19H1) Fixes Autoupdate of Apps
Microsoft has released Windows 10 Insider Preview Build 18362 (19H1) to Insiders in the Fast ring. This was released to offer a quick fix for a bug that was preventing the Microsoft Store from automatically updating installed apps. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18362-19h1-fixes-autoupdate-of-apps/
Microsoft has released Windows 10 Insider Preview Build 18362 (19H1) to Insiders in the Fast ring. This was released to offer a quick fix for a bug that was preventing the Microsoft Store from automatically updating installed apps. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18362-19h1-fixes-autoupdate-of-apps/
BleepingComputer
Windows 10 Insider Preview Build 18362 (19H1) Fixes Autoupdate of Apps
Microsoft has released Windows 10 Insider Preview Build 18362 (19H1) to Insiders in the Fast ring. This was released to offer a quick fix for a bug that was preventing the Microsoft Store from automatically updating installed apps.
KB4493132 Update Notifies Windows 7 Users of End of Support Date
A new Windows 7 update called KB4493132 has been released and is used to display notifications that remind users that Windows 7 will reach its end of life starting on January 14th, 2020. These notifications contain a link that goes to a Microsoft page suggesting that users upgrade to Windows 10. [...]
https://www.bleepingcomputer.com/news/microsoft/kb4493132-update-notifies-windows-7-users-of-end-of-support-date/
A new Windows 7 update called KB4493132 has been released and is used to display notifications that remind users that Windows 7 will reach its end of life starting on January 14th, 2020. These notifications contain a link that goes to a Microsoft page suggesting that users upgrade to Windows 10. [...]
https://www.bleepingcomputer.com/news/microsoft/kb4493132-update-notifies-windows-7-users-of-end-of-support-date/
BleepingComputer
KB4493132 Update Notifies Windows 7 Users of End of Support Date
A new Windows 7 update called KB4493132 has been released and is used to display notifications that remind users that Windows 7 will reach its end of life starting on January 14th, 2020. These notifications contain a link that goes to a Microsoft page suggestingβ¦
Lithuanian Pleads Guilty to Stealing $100 Million From Google, Facebook
A Lithuanian man pleaded guilty to wire fraud, aggravated identity theft, and three counts of money laundering, and faces a maximum of 30 years in jail after tricking Google and Facebook employees into wiring over $100 million into bank accounts he controlled. [...]
https://www.bleepingcomputer.com/news/security/lithuanian-pleads-guilty-to-stealing-100-million-from-google-facebook/
A Lithuanian man pleaded guilty to wire fraud, aggravated identity theft, and three counts of money laundering, and faces a maximum of 30 years in jail after tricking Google and Facebook employees into wiring over $100 million into bank accounts he controlled. [...]
https://www.bleepingcomputer.com/news/security/lithuanian-pleads-guilty-to-stealing-100-million-from-google-facebook/
BleepingComputer
Lithuanian Pleads Guilty to Stealing $100 Million From Google, Facebook
A Lithuanian man pleaded guilty to wire fraud, aggravated identity theft, and three counts of money laundering, and faces a maximum of 30 years in jail after tricking Google and Facebook employees into wiring over $100 million into bank accounts he controlled.
Putty 0.71 Fixes Weakness That Allows Fake Login Prompts
[...]
https://www.bleepingcomputer.com/news/security/putty-071-fixes-weakness-that-allows-fake-login-prompts/
[...]
https://www.bleepingcomputer.com/news/security/putty-071-fixes-weakness-that-allows-fake-login-prompts/
BleepingComputer
Putty 0.71 Fixes Weakness That Allows Fake Login Prompts
The latest version of PuTTY SSH and Telnet client adds protection against spoofing the terminal authentication prompt to steal login info. Recently released, the update comes after a 20-month hiatus and fixes a total of eight security issues.
Instagram Testing Anti-Squatting Feature that Locks Old Usernames
Instagram is currently testing a new feature designed to automatically lock usernames for 14 days after the owners switch to a new handle, as discovered by mobile researcher Jane Manchun Wong in an Alpha version of the platform's Android app. [...]
https://www.bleepingcomputer.com/news/security/instagram-testing-anti-squatting-feature-that-locks-old-usernames/
Instagram is currently testing a new feature designed to automatically lock usernames for 14 days after the owners switch to a new handle, as discovered by mobile researcher Jane Manchun Wong in an Alpha version of the platform's Android app. [...]
https://www.bleepingcomputer.com/news/security/instagram-testing-anti-squatting-feature-that-locks-old-usernames/
BleepingComputer
Instagram Testing Anti-Squatting Feature that Locks Old Usernames
Instagram is currently testing a new feature designed to automatically lock usernames for 14 days after the owners switch to a new handle, as discovered by mobile researcher Jane Manchun Wong in an Alpha version of the platform's Android app.
Fake CDC Emails Warning of Flu Pandemic Push Ransomware
A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware on the target's computer. [...]
https://www.bleepingcomputer.com/news/security/fake-cdc-emails-warning-of-flu-pandemic-push-ransomware/
A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware on the target's computer. [...]
https://www.bleepingcomputer.com/news/security/fake-cdc-emails-warning-of-flu-pandemic-push-ransomware/
BleepingComputer
Fake CDC Emails Warning of Flu Pandemic Push Ransomware
A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware onβ¦
Microsoft Defender ATP Brings Enterprise Protection to Macs
Microsoft announced that the Windows Defender Advanced Threat Protection (ATP) enterprise platform is now available for macOS as part of a limited preview starting today and rebranded as Microsoft Defender ATP to reflect its new cross-platform support. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-brings-enterprise-protection-to-macs/
Microsoft announced that the Windows Defender Advanced Threat Protection (ATP) enterprise platform is now available for macOS as part of a limited preview starting today and rebranded as Microsoft Defender ATP to reflect its new cross-platform support. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-brings-enterprise-protection-to-macs/
BleepingComputer
Microsoft Defender ATP Brings Enterprise Protection to Macs
Microsoft announced that the Windows Defender Advanced Threat Protection (ATP) enterprise platform is now available for macOS as part of a limited preview starting today and rebranded as Microsoft Defender ATP to reflect its new cross-platform support.
Facebook Employees Could Access Unencrypted Passwords for Millions of Users
As part of a seemingly never-ending stream of security blunders, Facebook disclosed today that the passwords of hundreds of millions of Facebook and Instagram users were stored in plain text for years on internal data storage systems. [...]
https://www.bleepingcomputer.com/news/security/facebook-employees-could-access-unencrypted-passwords-for-millions-of-users/
As part of a seemingly never-ending stream of security blunders, Facebook disclosed today that the passwords of hundreds of millions of Facebook and Instagram users were stored in plain text for years on internal data storage systems. [...]
https://www.bleepingcomputer.com/news/security/facebook-employees-could-access-unencrypted-passwords-for-millions-of-users/
BleepingComputer
Facebook Employees Could Access Unencrypted Passwords for Millions of Users
As part of a seemingly never-ending stream of security blunders, Facebook disclosed today that the passwords of hundreds of millions of Facebook and Instagram users were stored in plain text for years on internal data storage systems.
Cisco Fixes High-Severity Vulnerabilities in IP Phone 77800, 8800
Cisco released on Wednesday security patches for vulnerabilities present in its IP Phone 7800 and 8800 series. An attacker could exploit most of the flaws remotely without being authenticated [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-high-severity-vulnerabilities-in-ip-phone-77800-8800/
Cisco released on Wednesday security patches for vulnerabilities present in its IP Phone 7800 and 8800 series. An attacker could exploit most of the flaws remotely without being authenticated [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-high-severity-vulnerabilities-in-ip-phone-77800-8800/
BleepingComputer
Cisco Fixes High-Severity Vulnerabilities in IP Phone 77800, 8800
Cisco released on Wednesday security patches for vulnerabilities present in its IP Phone 7800 and 8800 series. An attacker could exploit most of the flaws remotely without being authenticated
Safari, Virtualbox, VMware Get Hacked During First Day of Pwn2Own 2019
During the first day of Pwn2Own Vancouver 2019, contestants were able to successfully hack into the Apple Safari web browser, Oracle's VirtualBox, and VMware Workstation, earning a total of $240,000 in cash awards. [...]
https://www.bleepingcomputer.com/news/security/safari-virtualbox-vmware-get-hacked-during-first-day-of-pwn2own-2019/
During the first day of Pwn2Own Vancouver 2019, contestants were able to successfully hack into the Apple Safari web browser, Oracle's VirtualBox, and VMware Workstation, earning a total of $240,000 in cash awards. [...]
https://www.bleepingcomputer.com/news/security/safari-virtualbox-vmware-get-hacked-during-first-day-of-pwn2own-2019/
BleepingComputer
Safari, Virtualbox, VMware Get Hacked During First Day of Pwn2Own 2019
During the first day of Pwn2Own Vancouver 2019, contestants were able to successfully hack into the Apple Safari web browser, Oracle's VirtualBox, and VMware Workstation, earning a total of $240,000 in cash awards.
A Outage is Bad for Facebook, but Great for PornHub
One site's outage is another site's gain, which is exactly what PornHub discovered during the recent extended outage experienced by Facebook, WhatsApp, and Instagram. [...]
https://www.bleepingcomputer.com/news/technology/a-outage-is-bad-for-facebook-but-great-for-pornhub/
One site's outage is another site's gain, which is exactly what PornHub discovered during the recent extended outage experienced by Facebook, WhatsApp, and Instagram. [...]
https://www.bleepingcomputer.com/news/technology/a-outage-is-bad-for-facebook-but-great-for-pornhub/
BleepingComputer
A Outage is Bad for Facebook, but Great for PornHub
One site's outage is another site's gain, which is exactly what PornHub discovered during the recent extended outage experienced by Facebook, WhatsApp, and Instagram.
13-Year-Old Allegedly Hacked Teacher Account to Create Student 'Hit List'
A 13-year-old is currently under investigation after he allegedly used a teacher's credentials to hack into his school district's computing system to steal fellow students' personal information and create a "hit list." [...]
https://www.bleepingcomputer.com/news/security/13-year-old-allegedly-hacked-teacher-account-to-create-student-hit-list/
A 13-year-old is currently under investigation after he allegedly used a teacher's credentials to hack into his school district's computing system to steal fellow students' personal information and create a "hit list." [...]
https://www.bleepingcomputer.com/news/security/13-year-old-allegedly-hacked-teacher-account-to-create-student-hit-list/
BleepingComputer
13-Year-Old Allegedly Hacked Teacher Account to Create Student 'Hit List'
A 13-year-old is currently under investigation after he allegedly used a teacher's credentials to hack into his school district's computing system to steal fellow students' personal information and create a "hit list."
Windows 7 Gets an Extra Life With Windows Virtual Desktop
Microsoft announced today that their new Windows Virtual Desktop product is now available for public preview. This technology allows the enterprise to move their desktops and applications into Azure and be hosted on Windows 10 and Windows 7 operating systems that are always secured with the latest updates. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-gets-an-extra-life-with-windows-virtual-desktop/
Microsoft announced today that their new Windows Virtual Desktop product is now available for public preview. This technology allows the enterprise to move their desktops and applications into Azure and be hosted on Windows 10 and Windows 7 operating systems that are always secured with the latest updates. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-gets-an-extra-life-with-windows-virtual-desktop/
BleepingComputer
Windows 7 Gets an Extra Life With Windows Virtual Desktop
Microsoft announced today that their new Windows Virtual Desktop product is now available for public preview. This technology allows the enterprise to move their desktops and applications into Azure and be hosted on Windows 10 and Windows 7 operating systemsβ¦
2 Million Emails of 350K+ Clients Possibly Exposed in Oregon DHS Data Breach
The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack. [...]
https://www.bleepingcomputer.com/news/security/2-million-emails-of-350k-clients-possibly-exposed-in-oregon-dhs-data-breach/
The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack. [...]
https://www.bleepingcomputer.com/news/security/2-million-emails-of-350k-clients-possibly-exposed-in-oregon-dhs-data-breach/
BleepingComputer
2 Million Emails of 350K+ Clients Possibly Exposed in Oregon DHS Data Breach
The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack.
Mozilla Firefox and Microsoft Edge Hacked on Second Day of Pwn2Own
During the second day of Pwn2Own Vancouver 2019, competitors successfully pwned the Mozilla Firefox and Microsoft Edge web browsers, as well as VMware's Workstation client, earning a total of $270,000 in cash awards. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-and-microsoft-edge-hacked-on-second-day-of-pwn2own/
During the second day of Pwn2Own Vancouver 2019, competitors successfully pwned the Mozilla Firefox and Microsoft Edge web browsers, as well as VMware's Workstation client, earning a total of $270,000 in cash awards. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-and-microsoft-edge-hacked-on-second-day-of-pwn2own/
BleepingComputer
Mozilla Firefox and Microsoft Edge Hacked on Second Day of Pwn2Own
During the second day of Pwn2Own Vancouver 2019, competitors successfully pwned the Mozilla Firefox and Microsoft Edge web browsers, as well as VMware's Workstation client, earning a total of $270,000 in cash awards.
Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects
WordPress websites using unpatched Social Warfare installations (v3.5.1 and v3.5.2) are exposed to attacks abusing a zero-day stored Cross-Site Scripting (XSS) vulnerability fixed in the 3.5.3 version of the plugin. [...]
https://www.bleepingcomputer.com/news/security/zero-day-wordpress-plugin-vulnerability-used-to-add-malicious-redirects/
WordPress websites using unpatched Social Warfare installations (v3.5.1 and v3.5.2) are exposed to attacks abusing a zero-day stored Cross-Site Scripting (XSS) vulnerability fixed in the 3.5.3 version of the plugin. [...]
https://www.bleepingcomputer.com/news/security/zero-day-wordpress-plugin-vulnerability-used-to-add-malicious-redirects/
BleepingComputer
Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects
WordPress websites using unpatched Social Warfare installations (v3.5.1 and v3.5.2) are exposed to attacks abusing a zero-day stored Cross-Site Scripting (XSS) vulnerability fixed in the 3.5.3 version of the plugin.