Microsoft Warns about Worm Attacking Exim Servers on Azure
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states that Azure servers can still be infected or hacked through this vulnerability. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-about-worm-attacking-exim-servers-on-azure/
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states that Azure servers can still be infected or hacked through this vulnerability. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-about-worm-attacking-exim-servers-on-azure/
BleepingComputer
Microsoft Warns about Worm Attacking Exim Servers on Azure
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states thatβ¦
Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2. [...]
https://www.bleepingcomputer.com/news/security/release-of-gandcrab-52-decryptor-ends-a-bad-ransomware-story/
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2. [...]
https://www.bleepingcomputer.com/news/security/release-of-gandcrab-52-decryptor-ends-a-bad-ransomware-story/
BleepingComputer
Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2.
Samsung's Smart TV Malware Scan Reminder Met by User Criticism
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/samsungs-smart-tv-malware-scan-reminder-met-by-user-criticism/
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/samsungs-smart-tv-malware-scan-reminder-met-by-user-criticism/
BleepingComputer
Samsung's Smart TV Malware Scan Reminder Met by User Criticism
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks.
U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. [...]
https://www.bleepingcomputer.com/news/security/us-govt-achieves-bluekeep-remote-code-execution-issues-alert/
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. [...]
https://www.bleepingcomputer.com/news/security/us-govt-achieves-bluekeep-remote-code-execution-issues-alert/
BleepingComputer
U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep.
Android Malware Bypasses 2FA by Stealing One-Time Passwords
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...]
https://www.bleepingcomputer.com/news/security/android-malware-bypasses-2fa-by-stealing-one-time-passwords/
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...]
https://www.bleepingcomputer.com/news/security/android-malware-bypasses-2fa-by-stealing-one-time-passwords/
BleepingComputer
Android Malware Bypasses 2FA by Stealing One-Time Passwords
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification.
How To Secure Your Network: Five Modern Alternatives to VPN
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNs fall short. [...]
https://www.bleepingcomputer.com/news/security/how-to-secure-your-network-five-modern-alternatives-to-vpn/
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNs fall short. [...]
https://www.bleepingcomputer.com/news/security/how-to-secure-your-network-five-modern-alternatives-to-vpn/
BleepingComputer
How To Secure Your Network: Five Modern Alternatives to VPN
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNsβ¦
Multiple Linux and FreeBSD DoS Vulnerabilities Found by Netflix
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems. [...]
https://www.bleepingcomputer.com/news/security/multiple-linux-and-freebsd-dos-vulnerabilities-found-by-netflix/
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems. [...]
https://www.bleepingcomputer.com/news/security/multiple-linux-and-freebsd-dos-vulnerabilities-found-by-netflix/
BleepingComputer
Multiple Linux and FreeBSD DoS Vulnerabilities Found by Netflix
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems.
Accidental Cat Filter Makes Politician's Live Stream Hilarious
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference. [...]
https://www.bleepingcomputer.com/news/government/accidental-cat-filter-makes-politicians-live-stream-hilarious/
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference. [...]
https://www.bleepingcomputer.com/news/government/accidental-cat-filter-makes-politicians-live-stream-hilarious/
BleepingComputer
Accidental Cat Filter Makes Politician's Live Stream Hilarious
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference.
Docker Desktop for Windows 10 Will Soon Switch to WSL 2
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses. [...]
https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses. [...]
https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/
BleepingComputer
Docker Desktop for Windows 10 Will Soon Switch to WSL 2
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses.
Hacker Steals Customer Payment Info in EatStreet Data Breach
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners. [...]
https://www.bleepingcomputer.com/news/security/hacker-steals-customer-payment-info-in-eatstreet-data-breach/
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners. [...]
https://www.bleepingcomputer.com/news/security/hacker-steals-customer-payment-info-in-eatstreet-data-breach/
BleepingComputer
Hacker Steals Customer Payment Info in EatStreet Data Breach
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners.
Threat Actors Use Older Cobalt Strike Versions to Blend In
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose. [...]
https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose. [...]
https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/
BleepingComputer
Threat Actors Use Older Cobalt Strike Versions to Blend In
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose.
Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-bastion-preview-remote-vm-access-via-azure-portal/
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-bastion-preview-remote-vm-access-via-azure-portal/
BleepingComputer
Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses.
Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team. [...]
https://www.bleepingcomputer.com/news/google/google-adds-deceptive-url-alerts-to-chrome-unsafe-url-report-add-on/
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team. [...]
https://www.bleepingcomputer.com/news/google/google-adds-deceptive-url-alerts-to-chrome-unsafe-url-report-add-on/
BleepingComputer
Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team.
Open Source Clones Unofficially Sold on the Microsoft Store
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases. [...]
https://www.bleepingcomputer.com/news/microsoft/open-source-clones-unofficially-sold-on-the-microsoft-store/
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases. [...]
https://www.bleepingcomputer.com/news/microsoft/open-source-clones-unofficially-sold-on-the-microsoft-store/
BleepingComputer
Open Source Clones Unofficially Sold on the Microsoft Store
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases.
Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-6703-patches-actively-exploited-zero-day/
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-6703-patches-actively-exploited-zero-day/
BleepingComputer
Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions.
Windows 10 1809 Cumulative Update KB4501371 Released With Fixes
Microsoft has released a new cumulative update for Windows 10 version 1809 that includes fixes for numerous issues in the operating system. The update is titled "2019-06 Cumulative Update for Windows 10 Version 1809 (KB4501371)" and does not contain any security fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4501371-released-with-fixes/
Microsoft has released a new cumulative update for Windows 10 version 1809 that includes fixes for numerous issues in the operating system. The update is titled "2019-06 Cumulative Update for Windows 10 Version 1809 (KB4501371)" and does not contain any security fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4501371-released-with-fixes/
BleepingComputer
Windows 10 1809 Cumulative Update KB4501371 Released With Fixes
Microsoft has released a new cumulative update for Windows 10 version 1809 that includes fixes for numerous issues in the operating system. The update is titled "2019-06 Cumulative Update for Windows 10 Version 1809 (KB4501371)" and does not contain any securityβ¦
Microsoft Releases Windows 10 Update to Fix Privacy Settings Bug
Microsoft has released an update for certain devices that will display a notification containing information and instructions on how to configure privacy settings that were not properly shown during a Windows 10 installation. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-update-to-fix-privacy-settings-bug/
Microsoft has released an update for certain devices that will display a notification containing information and instructions on how to configure privacy settings that were not properly shown during a Windows 10 installation. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-update-to-fix-privacy-settings-bug/
BleepingComputer
Microsoft Releases Windows 10 Update to Fix Privacy Settings Bug
Microsoft has released an update for certain devices that will display a notification containing information and instructions on how to configure privacy settings that were not properly shown during a Windows 10 installation.
Ryuk Ransomware Adds IP and Computer Name Blacklisting
A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted. [...]
https://www.bleepingcomputer.com/news/security/ryuk-ransomware-adds-ip-and-computer-name-blacklisting/
A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted. [...]
https://www.bleepingcomputer.com/news/security/ryuk-ransomware-adds-ip-and-computer-name-blacklisting/
BleepingComputer
Ryuk Ransomware Adds IP and Computer Name Blacklisting
A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted.
Oracle Fixes Critical Bug in WebLogic Server Web Services
Oracle on Tuesday announced a patch for a remote code execution vulnerability affecting specific versions of the WebLogic Server. The bug bypasses a previously fixed flaw and researchers say it is actively used in attacks. [...]
https://www.bleepingcomputer.com/news/security/oracle-fixes-critical-bug-in-weblogic-server-web-services/
Oracle on Tuesday announced a patch for a remote code execution vulnerability affecting specific versions of the WebLogic Server. The bug bypasses a previously fixed flaw and researchers say it is actively used in attacks. [...]
https://www.bleepingcomputer.com/news/security/oracle-fixes-critical-bug-in-weblogic-server-web-services/
BleepingComputer
Oracle Fixes Critical Bug in WebLogic Server Web Services
Oracle on Tuesday announced a patch for a remote code execution vulnerability affecting specific versions of the WebLogic Server. The bug bypasses a previously fixed flaw and researchers say it is actively used in attacks.
Microsoft Prepares to Autoupdate Windows 10 v1803 and Earlier Devices
Microsoft says that a feature update will be automatically initiated for devices running Windows 10 version 1803 and earlier using a machine learning (ML) based rollout process. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-prepares-to-autoupdate-windows-10-v1803-and-earlier-devices/
Microsoft says that a feature update will be automatically initiated for devices running Windows 10 version 1803 and earlier using a machine learning (ML) based rollout process. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-prepares-to-autoupdate-windows-10-v1803-and-earlier-devices/
BleepingComputer
Microsoft Prepares to Autoupdate Windows 10 v1803 and Earlier Devices
Microsoft says that a feature update will be automatically initiated for devices running Windows 10 version 1803 and earlier using a machine learning (ML) based rollout process.
Microsoft Edge Group Policies Preview Released for Testing
Microsoft has released an early preview of the group policies for the Microsoft Edge Chromium-based browser so that users can begin testing them. As this is a preview, some of the policies may not have been implemented in the current Google Canary and Dev builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-group-policies-preview-released-for-testing/
Microsoft has released an early preview of the group policies for the Microsoft Edge Chromium-based browser so that users can begin testing them. As this is a preview, some of the policies may not have been implemented in the current Google Canary and Dev builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-group-policies-preview-released-for-testing/
BleepingComputer
Microsoft Edge Group Policies Preview Released for Testing
Microsoft has released an early preview of the group policies for the Microsoft Edge Chromium-based browser so that users can begin testing them. As this is a preview, some of the policies may not have been implemented in the current Google Canary and Devβ¦