NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
BleepingComputer
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines.
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
BleepingComputer
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository.
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
BleepingComputer
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids.
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
BleepingComputer
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam.
Microsoft is Relaunching Power Toys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
BleepingComputer
Microsoft is Relaunching PowerToys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows PowerToys so that a new generation of users can enjoy them. To start they will be offering two new PowerToys, but have a list of others that they hope to add
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
BleepingComputer
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store.
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
BleepingComputer
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward.
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
BleepingComputer
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
BleepingComputer
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients.
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
BleepingComputer
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirusβ¦
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
BleepingComputer
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates howβ¦
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
BleepingComputer
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365.
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
BleepingComputer
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information.
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
BleepingComputer
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated statements from alleged victims that are disputed by the firm that sounded the alarm.
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
BleepingComputer
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonableβ¦
Google Chrome Offers a Glimpse of it's Upcoming Settings Screen
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-offers-a-glimpse-of-its-upcoming-settings-screen/
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-offers-a-glimpse-of-its-upcoming-settings-screen/
BleepingComputer
Google Chrome Offers a Glimpse of it's Upcoming Settings Screen
In the latest Chrome Nightly build, Google is finally giving in and putting a fixed left-hand navigation bar in the browser's Settings page.
Hackers Access Over 461,000 Accounts in Uniqlo Data Breach
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/
BleepingComputer
Hackers Access Over 461,000 Accounts in Uniqlo Data Breach
Fast Retailing, the company behind multiple Japanese retail brands, announced that the UNIQLO Japan and GU Japan online stores have been hacked and third parties accessed 461,091 customer accounts following a credential stuffing attack.
Keyloggers Injected in Web Trust Seal Supply Chain Attack
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors. [...]
https://www.bleepingcomputer.com/news/security/keyloggers-injected-in-web-trust-seal-supply-chain-attack/
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors. [...]
https://www.bleepingcomputer.com/news/security/keyloggers-injected-in-web-trust-seal-supply-chain-attack/
BleepingComputer
Keyloggers Injected in Web Trust Seal Supply Chain Attack
Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors.
Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-remote-desktop-flaw-blocks-worm-malware/
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-remote-desktop-flaw-blocks-worm-malware/
BleepingComputer
Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware
Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations.
New RIDL and Fallout Attacks Impact All Modern Intel CPUs
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data from CPU buffers, which is not necessarily present in caches. [...]
https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data from CPU buffers, which is not necessarily present in caches. [...]
https://www.bleepingcomputer.com/news/security/new-ridl-and-fallout-attacks-impact-all-modern-intel-cpus/
BleepingComputer
New RIDL and Fallout Attacks Impact All Modern Intel CPUs
Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown and Spectre and their variations because they can leak data fromβ¦
Security Updates Released for Adobe Flash Player and Media Encoder
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player. [...]
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-flash-player-and-media-encoder/
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player. [...]
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-flash-player-and-media-encoder/
BleepingComputer
Security Updates Released for Adobe Flash Player and Media Encoder
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for two vulnerabilities in Adobe Media Encoder and one in Adobe Flash Player.