Androidβs Security Key Now Verifies Sign-Ins on iOS Devices
Google now allows iPad and iPhone users to verify sign-ins into Google and Google Cloud services using the security keys built into Android phones running Android 7.0 or later. [...]
https://www.bleepingcomputer.com/news/security/android-s-security-key-now-verifies-sign-ins-on-ios-devices/
Google now allows iPad and iPhone users to verify sign-ins into Google and Google Cloud services using the security keys built into Android phones running Android 7.0 or later. [...]
https://www.bleepingcomputer.com/news/security/android-s-security-key-now-verifies-sign-ins-on-ios-devices/
BleepingComputer
Androidβs Security Key Now Verifies Sign-Ins on iOS Devices
Google now allows iPad and iPhone users to verify sign-ins into Google and Google Cloud services using the security keys built into Android phones running Android 7.0 or later.
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
BleepingComputer
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.
Windows 10 v1903, v1809 Updates Break Event Viewer Custom Views
With the release of Microsoft June 2019 Patch Tuesday updates yesterday, users have noticed that trying to access the Custom Views section of the Windows 10 Event Viewer will cause the program to stop working correctly. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-v1903-v1809-updates-break-event-viewer-custom-views/
With the release of Microsoft June 2019 Patch Tuesday updates yesterday, users have noticed that trying to access the Custom Views section of the Windows 10 Event Viewer will cause the program to stop working correctly. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-v1903-v1809-updates-break-event-viewer-custom-views/
BleepingComputer
Windows 10 v1903, v1809 Updates Break Event Viewer Custom Views
With the release of Microsoft June 2019 Patch Tuesday updates yesterday, users have noticed that trying to access the Custom Views section of the Windows 10 Event Viewer will cause the program to stop working correctly.
Microsoft 365 Business Adds Granular Controls to Company Assets
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, device, data, or app. [...]
https://www.bleepingcomputer.com/news/security/microsoft-365-business-adds-granular-controls-to-company-assets/
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, device, data, or app. [...]
https://www.bleepingcomputer.com/news/security/microsoft-365-business-adds-granular-controls-to-company-assets/
BleepingComputer
Microsoft 365 Business Adds Granular Controls to Company Assets
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, deviceβ¦
DDoS Attack on Telegram Messenger Leaves Users Hanging
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers. [...]
https://www.bleepingcomputer.com/news/security/ddos-attack-on-telegram-messenger-leaves-users-hanging/
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers. [...]
https://www.bleepingcomputer.com/news/security/ddos-attack-on-telegram-messenger-leaves-users-hanging/
BleepingComputer
DDoS Attack on Telegram Messenger Leaves Users Hanging
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers.
Windows 10 Insider Build 18917 Tests New Download Throttling Settings
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18917-tests-new-download-throttling-settings/
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18917-tests-new-download-throttling-settings/
BleepingComputer
Windows 10 Insider Build 18917 Tests New Download Throttling Settings
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements.
Windows Subsystem for Linux 2 (WSL 2) Released to Insiders
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to the increased performance and compatibility. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-2-wsl-2-released-to-insiders/
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to the increased performance and compatibility. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-2-wsl-2-released-to-insiders/
BleepingComputer
Windows Subsystem for Linux 2 (WSL 2) Released to Insiders
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to theβ¦
Cisco IOS XE Software Receives Fix Against High-Severity Flaw
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available. [...]
https://www.bleepingcomputer.com/news/security/cisco-ios-xe-software-receives-fix-against-high-severity-flaw/
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available. [...]
https://www.bleepingcomputer.com/news/security/cisco-ios-xe-software-receives-fix-against-high-severity-flaw/
BleepingComputer
Cisco IOS XE Software Receives Fix Against High-Severity Flaw
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available.
Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up. [...]
https://www.bleepingcomputer.com/news/security/some-yubikey-fips-keys-allow-attackers-to-reconstruct-private-keys/
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up. [...]
https://www.bleepingcomputer.com/news/security/some-yubikey-fips-keys-allow-attackers-to-reconstruct-private-keys/
BleepingComputer
Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up.
Millions of Exim Mail Servers Are Currently Being Attacked
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers. [...]
https://www.bleepingcomputer.com/news/security/millions-of-exim-mail-servers-are-currently-being-attacked/
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers. [...]
https://www.bleepingcomputer.com/news/security/millions-of-exim-mail-servers-are-currently-being-attacked/
BleepingComputer
Millions of Exim Mail Servers Are Currently Being Attacked
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers.
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
BleepingComputer
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.
pyLocky Decryptor Released by French Authorities
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free. [...]
https://www.bleepingcomputer.com/news/security/pylocky-decryptor-released-by-french-authorities/
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free. [...]
https://www.bleepingcomputer.com/news/security/pylocky-decryptor-released-by-french-authorities/
BleepingComputer
pyLocky Decryptor Released by French Authorities
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free.
Twitter URLs Can Be Manipulated to Spread Fake News and Scams
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...]
https://www.bleepingcomputer.com/news/security/twitter-urls-can-be-manipulated-to-spread-fake-news-and-scams/
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...]
https://www.bleepingcomputer.com/news/security/twitter-urls-can-be-manipulated-to-spread-fake-news-and-scams/
BleepingComputer
Twitter URLs Can Be Manipulated to Spread Fake News and Scams
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page.
Hackers Infect Businesses with CryptoMiners Using NSA Leaked Tools
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-businesses-with-cryptominers-using-nsa-leaked-tools/
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-businesses-with-cryptominers-using-nsa-leaked-tools/
BleepingComputer
Hackers Infect Businesses with CryptoMiners Using NSA Leaked Tools
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit.
Chrome 76 Beta Allows Sites to Use Your OS Dark Mode Settings
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop. [...]
https://www.bleepingcomputer.com/news/google/chrome-76-beta-allows-sites-to-use-your-os-dark-mode-settings/
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop. [...]
https://www.bleepingcomputer.com/news/google/chrome-76-beta-allows-sites-to-use-your-os-dark-mode-settings/
BleepingComputer
Chrome 76 Beta Allows Sites to Use Your OS Dark Mode Settings
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop.
AVG Password Protection Blocked Firefox's Access to Saved Passwords
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the list was empty. [...]
https://www.bleepingcomputer.com/news/security/avg-password-protection-blocked-firefoxs-access-to-saved-passwords/
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the list was empty. [...]
https://www.bleepingcomputer.com/news/security/avg-password-protection-blocked-firefoxs-access-to-saved-passwords/
BleepingComputer
AVG Password Protection Blocked Firefox's Access to Saved Passwords
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the listβ¦
Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
BleepingComputer
Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets.
Echobot Botnet Spreads via 26 Exploits, Targets Oracle, VMware Apps
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too. [...]
https://www.bleepingcomputer.com/news/security/echobot-botnet-spreads-via-26-exploits-targets-oracle-vmware-apps/
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too. [...]
https://www.bleepingcomputer.com/news/security/echobot-botnet-spreads-via-26-exploits-targets-oracle-vmware-apps/
BleepingComputer
Echobot Botnet Spreads via 26 Exploits, Targets Oracle, VMware Apps
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too.
New WSH RAT Malware Targets Bank Customers with Keyloggers
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...]
https://www.bleepingcomputer.com/news/security/new-wsh-rat-malware-targets-bank-customers-with-keyloggers/
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...]
https://www.bleepingcomputer.com/news/security/new-wsh-rat-malware-targets-bank-customers-with-keyloggers/
BleepingComputer
New WSH RAT Malware Targets Bank Customers with Keyloggers
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers.
New Android Trojan Leads Users to Scam Sites via Notifications
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. [...]
https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. [...]
https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/
BleepingComputer
New Android Trojan Leads Users to Scam Sites via Notifications
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store.
The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
BleepingComputer
The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware.