Windows 10 Insider Build 18922 With an Updated Feedback Hub

Microsoft has released Windows 10 Insider Preview Build 18922 to Insiders in the Fast ring. This build includes various fixes as well as a redesigned Language settings screen and a "similar feedback" feature for the Windows 10 Feedback Hub. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18922-with-an-updated-feedback-hub/

Microsoft Edge Chromium Released for Windows 7, 8, and 8.1

Microsoft has officially released their Chromium-based Microsoft Edge browser for the Windows 7, Windows 8, and Windows 8.1 operating systems. This will allow a wider range of Windows users to test out the upcoming chromium-based Edge browser and report bugs that they may encounter. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-chromium-released-for-windows-7-8-and-81/

Tor Browser 8.5.2 Released to Fix Critical Vulnerability

Tor Browser 8.5.2 has been released to fix a critical vulnerability in Firefox that was fixed by Mozilla this week. It is strongly advised that all Tor users install this update as soon as possible. [...]

https://www.bleepingcomputer.com/news/software/tor-browser-852-released-to-fix-critical-vulnerability/

New Standalone Cortana Beta App Coming to Windows 10 Insiders

In the latest Windows 10 Insider build, Microsoft is testing a new hidden standalone Cortana app that gives us a glimpse of the future for Microsoft's personal assistant. [...]

https://www.bleepingcomputer.com/news/microsoft/new-standalone-cortana-beta-app-coming-to-windows-10-insiders/

Samba Vulnerability Can Crash Active Directory Components

A couple of bugs in some versions of Samba software can help an attacker crash key processes on the network in charge of accessing directory, application, and server services. [...]

https://www.bleepingcomputer.com/news/security/samba-vulnerability-can-crash-active-directory-components/

The U.S. Loses Over $1.5 Trillion in a Decade of Data Breaches

A decade's collection of data breaches shows a bleak picture with billions of records exposed in this type of incidents and financial damages of more than $1.6 trillion. [...]

https://www.bleepingcomputer.com/news/security/the-us-loses-over-15-trillion-in-a-decade-of-data-breaches/

Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS

A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine. [...]

https://www.bleepingcomputer.com/news/security/linux-cryptominer-uses-virtual-machines-to-attack-windows-macos/

Firefox 0-day Used in Targeted Attacks Against Cryptocurrency Firms

The employees of Coinbase and other cryptocurrency firms were the target of an attack utilizing a recent Firefox zero-day and malware payloads in order to gain access to victim's computers, networks, and sensitive information. [...]

https://www.bleepingcomputer.com/news/security/firefox-0-day-used-in-targeted-attacks-against-cryptocurrency-firms/

Turla Espionage Group Hacks OilRig APT Infrastructure

Security researchers tracking activities of various nation-state cyber-espionage groups found evidence suggesting that the Turla group hijacked the infrastructure of OilRig hackers to compromise a target both actors were interested in. [...]

https://www.bleepingcomputer.com/news/security/turla-espionage-group-hacks-oilrig-apt-infrastructure/

DanaBot Banking Trojan Upgraded with ‘Non Ransomware’ Module

A new malicious campaign is distributing an upgraded variant of DanaBot that comes with a new ransomware module used to target potential victims from Italy and Poland via phishing emails which deliver malware droppers. [...]

https://www.bleepingcomputer.com/news/security/danabot-banking-trojan-upgraded-with-non-ransomware-module/

Mozilla Firefox 67.0.4 Fixes Second Actively Exploited Zero-Day

Mozilla has released Firefox 67.0.4 to fix a security vulnerability that has been used in targeted attacks against cryptocurrency firms such as Coinbase. Users of Firefox should immediately install this update. [...]

https://www.bleepingcomputer.com/news/security/mozilla-firefox-6704-fixes-second-actively-exploited-zero-day/

Windows 10 Will Now Notify Users When Version 1903 is Blocked

Windows Update will now alert Windows 10 users when a featured update such as the Windows 10 May 2019 Update, or version 1903, is blocked from being installed. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-will-now-notify-users-when-version-1903-is-blocked/

Desjardins Group Data Leak Exposes Info of 2.9 Million Members

Sensitive personal information of roughly 2.9 million Desjardins Group members was leaked after an employee disclosed it to people outside the organization without authorization.  [...]

https://www.bleepingcomputer.com/news/security/desjardins-group-data-leak-exposes-info-of-29-million-members/

Epic Games Sues YouTuber CBV for Selling Fortnite Cheats

In a lawsuit filed Tuesday, Epic Games is suing a YouTuber who goes by the name CBV for allegedly selling cheats Fornite and ruining the game for other users. [...]

https://www.bleepingcomputer.com/news/gaming/epic-games-sues-youtuber-cbv-for-selling-fortnite-cheats/

Windows 10 May Soon Let You Rename Virtual Desktops

If you use Windows 10 virtual desktops, you are going to be happy to hear that Microsoft is working on giving you the ability to rename them. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-may-soon-let-you-rename-virtual-desktops/

Botnet Uses SSH and ADB to Create Android Cryptomining Army

Researchers discovered a cryptocurrency mining botnet that uses the Android Debug Bridge (ADB) Wi-Fi interface and SSH connections to hosts stored in the known_hosts list to spread to other devices. [...]

https://www.bleepingcomputer.com/news/security/botnet-uses-ssh-and-adb-to-create-android-cryptomining-army/

Phishing Websites Increase Adoption of HTTPS

As the adoption of cryptographic protocols for secure website communication increased, cybercrooks also moved to HTTPS to keep their operation floating. [...]

https://www.bleepingcomputer.com/news/security/phishing-websites-increase-adoption-of-https/

Windows 10 May 2019 Cumulative Updates Break iSCSI SAN Connectivity

Microsoft published information on a new known issue that may cause connectivity issues for some Storage Area Network (SAN) devices via the Internet Small Computer System Interface (iSCSI). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-may-2019-cumulative-updates-break-iscsi-san-connectivity/

Sodinokibi Ransomware Spreads Wide via Hacked MSPs, Sites, and Spam

With the GandCrab Ransomware having been shut down, other actors are looking to fill the hole left behind with their own ransomware. Such is the case with the Sodinokibi Ransomware, whose affiliates are using a wide range of tactics to distribute the ransomware and earn in a commission. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-spreads-wide-via-hacked-msps-sites-and-spam/

Microsoft Warns of Campaign Dropping Flawedammyy Rat in Memory

Microsoft issued a warning about an active spam campaign that tries to infect Korean targets with a FlawedAmmyy RAT malware distributed via malicious XLS attachments. [...]

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-campaign-dropping-flawedammyy-rat-in-memory/

BlueKeep Warnings Pay Off, Boost Patching in Enterprise Networks

The multiple warnings about patching Windows systems against the BlueKeep vulnerability (CVE-2019-0708) have not gone unheeded. Administrators of enterprise networks listened and updated most of the machines affected by the issue. [...]

https://www.bleepingcomputer.com/news/security/bluekeep-warnings-pay-off-boost-patching-in-enterprise-networks/