Microsoft 365 Business Adds Granular Controls to Company Assets
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, device, data, or app. [...]
https://www.bleepingcomputer.com/news/security/microsoft-365-business-adds-granular-controls-to-company-assets/
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, device, data, or app. [...]
https://www.bleepingcomputer.com/news/security/microsoft-365-business-adds-granular-controls-to-company-assets/
BleepingComputer
Microsoft 365 Business Adds Granular Controls to Company Assets
Microsoft announced the addition of Azure Active Directory's Conditional Access capability to Microsoft 365 Business, making it simpler for small and medium-sized businesses to control access to company resources conditionally based on user, location, deviceβ¦
DDoS Attack on Telegram Messenger Leaves Users Hanging
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers. [...]
https://www.bleepingcomputer.com/news/security/ddos-attack-on-telegram-messenger-leaves-users-hanging/
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers. [...]
https://www.bleepingcomputer.com/news/security/ddos-attack-on-telegram-messenger-leaves-users-hanging/
BleepingComputer
DDoS Attack on Telegram Messenger Leaves Users Hanging
Users of Telegram Messengers in certain parts of the world had trouble exchanging messages through the service today. The problems were caused by a distributed denial-of-service attack aiming at Telegram servers.
Windows 10 Insider Build 18917 Tests New Download Throttling Settings
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18917-tests-new-download-throttling-settings/
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18917-tests-new-download-throttling-settings/
BleepingComputer
Windows 10 Insider Build 18917 Tests New Download Throttling Settings
Microsoft has released Windows 10 Insider Preview Build 18917 to Insiders in the Fast ring. This build includes numerous improvements such as new Windows Update download throttling settings, WSL2, Narrator improvements, and Windows Ink improvements.
Windows Subsystem for Linux 2 (WSL 2) Released to Insiders
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to the increased performance and compatibility. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-2-wsl-2-released-to-insiders/
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to the increased performance and compatibility. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-2-wsl-2-released-to-insiders/
BleepingComputer
Windows Subsystem for Linux 2 (WSL 2) Released to Insiders
With the release of the Windows 10 Insider Build 18917, Microsoft has made the Windows Subsystem for Linux version 2 (WSL 2) available for testing. Now insiders can convert their existing WSL 1 distributions to the new version in order to gain access to theβ¦
Cisco IOS XE Software Receives Fix Against High-Severity Flaw
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available. [...]
https://www.bleepingcomputer.com/news/security/cisco-ios-xe-software-receives-fix-against-high-severity-flaw/
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available. [...]
https://www.bleepingcomputer.com/news/security/cisco-ios-xe-software-receives-fix-against-high-severity-flaw/
BleepingComputer
Cisco IOS XE Software Receives Fix Against High-Severity Flaw
Cisco today released an updated version for its IOS XE software to patch a high severity cross-site request forgery (CSRF) vulnerability. Demo exploit code is available.
Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up. [...]
https://www.bleepingcomputer.com/news/security/some-yubikey-fips-keys-allow-attackers-to-reconstruct-private-keys/
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up. [...]
https://www.bleepingcomputer.com/news/security/some-yubikey-fips-keys-allow-attackers-to-reconstruct-private-keys/
BleepingComputer
Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up.
Millions of Exim Mail Servers Are Currently Being Attacked
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers. [...]
https://www.bleepingcomputer.com/news/security/millions-of-exim-mail-servers-are-currently-being-attacked/
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers. [...]
https://www.bleepingcomputer.com/news/security/millions-of-exim-mail-servers-are-currently-being-attacked/
BleepingComputer
Millions of Exim Mail Servers Are Currently Being Attacked
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers.
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. [...]
https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/
BleepingComputer
Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.
pyLocky Decryptor Released by French Authorities
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free. [...]
https://www.bleepingcomputer.com/news/security/pylocky-decryptor-released-by-french-authorities/
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free. [...]
https://www.bleepingcomputer.com/news/security/pylocky-decryptor-released-by-french-authorities/
BleepingComputer
pyLocky Decryptor Released by French Authorities
A decryptor for pyLocky Ransomware versions 1 and 2 has been released by French authorities that allows victim to decrypt their files for free.
Twitter URLs Can Be Manipulated to Spread Fake News and Scams
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...]
https://www.bleepingcomputer.com/news/security/twitter-urls-can-be-manipulated-to-spread-fake-news-and-scams/
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...]
https://www.bleepingcomputer.com/news/security/twitter-urls-can-be-manipulated-to-spread-fake-news-and-scams/
BleepingComputer
Twitter URLs Can Be Manipulated to Spread Fake News and Scams
The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page.
Hackers Infect Businesses with CryptoMiners Using NSA Leaked Tools
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-businesses-with-cryptominers-using-nsa-leaked-tools/
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-businesses-with-cryptominers-using-nsa-leaked-tools/
BleepingComputer
Hackers Infect Businesses with CryptoMiners Using NSA Leaked Tools
Security researchers have discovered an ongoing cryptojacking campaign which infects unpatched computers of businesses from all over the world with XMRig Monero miners using Equation group's leaked exploit toolkit.
Chrome 76 Beta Allows Sites to Use Your OS Dark Mode Settings
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop. [...]
https://www.bleepingcomputer.com/news/google/chrome-76-beta-allows-sites-to-use-your-os-dark-mode-settings/
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop. [...]
https://www.bleepingcomputer.com/news/google/chrome-76-beta-allows-sites-to-use-your-os-dark-mode-settings/
BleepingComputer
Chrome 76 Beta Allows Sites to Use Your OS Dark Mode Settings
Google is now rolling out Chrome 76 to the beta channel with dark mode and Payments API improvements, as well as easier to install Progressive Web Apps on the desktop.
AVG Password Protection Blocked Firefox's Access to Saved Passwords
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the list was empty. [...]
https://www.bleepingcomputer.com/news/security/avg-password-protection-blocked-firefoxs-access-to-saved-passwords/
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the list was empty. [...]
https://www.bleepingcomputer.com/news/security/avg-password-protection-blocked-firefoxs-access-to-saved-passwords/
BleepingComputer
AVG Password Protection Blocked Firefox's Access to Saved Passwords
With the release of Firefox 67.0.2, some users began noticing that the browser had stopped automatically filling in their saved logins. Even worse, when they tried to access their saved logins using the Firefox password manager, they noticed that the listβ¦
Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/
BleepingComputer
Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets.
Echobot Botnet Spreads via 26 Exploits, Targets Oracle, VMware Apps
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too. [...]
https://www.bleepingcomputer.com/news/security/echobot-botnet-spreads-via-26-exploits-targets-oracle-vmware-apps/
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too. [...]
https://www.bleepingcomputer.com/news/security/echobot-botnet-spreads-via-26-exploits-targets-oracle-vmware-apps/
BleepingComputer
Echobot Botnet Spreads via 26 Exploits, Targets Oracle, VMware Apps
A relatively new botnet called Echobot has grown to 26 the number of exploits it uses to propagate. Most of the exploitation code it includes is for unpatched IoT devices, but enterprise apps Oracle WebLogic and VMware SD-Wan are among the targets, too.
New WSH RAT Malware Targets Bank Customers with Keyloggers
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...]
https://www.bleepingcomputer.com/news/security/new-wsh-rat-malware-targets-bank-customers-with-keyloggers/
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...]
https://www.bleepingcomputer.com/news/security/new-wsh-rat-malware-targets-bank-customers-with-keyloggers/
BleepingComputer
New WSH RAT Malware Targets Bank Customers with Keyloggers
Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers.
New Android Trojan Leads Users to Scam Sites via Notifications
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. [...]
https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. [...]
https://www.bleepingcomputer.com/news/security/new-android-trojan-leads-users-to-scam-sites-via-notifications/
BleepingComputer
New Android Trojan Leads Users to Scam Sites via Notifications
A new Android Trojan that uses website notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store.
The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
BleepingComputer
The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware.
Three U.S. Universities Disclose Data Breaches Over Two-Day Span
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts. [...]
https://www.bleepingcomputer.com/news/security/three-us-universities-disclose-data-breaches-over-two-day-span/
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts. [...]
https://www.bleepingcomputer.com/news/security/three-us-universities-disclose-data-breaches-over-two-day-span/
BleepingComputer
Three U.S. Universities Disclose Data Breaches Over Two-Day Span
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts.
Google Chrome Canary Flag Makes The Browser a Colorful Mess
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusing, while others find painful. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-canary-flag-makes-the-browser-a-colorful-mess/
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusing, while others find painful. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-canary-flag-makes-the-browser-a-colorful-mess/
BleepingComputer
Google Chrome Canary Flag Makes The Browser a Colorful Mess
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusingβ¦
Windows 10: The Upcoming Features and Improvements in 20H1
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-the-upcoming-features-and-improvements-in-20h1/
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-the-upcoming-features-and-improvements-in-20h1/
BleepingComputer
Windows 10: The Upcoming Features and Improvements in 20H1
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds.