Telegram Fixes Privacy Bug Caused by Improperly Deleted Messages
The Telegram encrypted messaging app released version 5.11 of their mobile client to fix a serious privacy bug that could allow a recipient to view images or files even after they were deleted by the sender. As this app has over 100 million downloads from the Google Play Store alone, this could be a major privacy violation for many u [...]
https://www.bleepingcomputer.com/news/security/telegram-fixes-privacy-bug-caused-by-improperly-deleted-messages/
The Telegram encrypted messaging app released version 5.11 of their mobile client to fix a serious privacy bug that could allow a recipient to view images or files even after they were deleted by the sender. As this app has over 100 million downloads from the Google Play Store alone, this could be a major privacy violation for many u [...]
https://www.bleepingcomputer.com/news/security/telegram-fixes-privacy-bug-caused-by-improperly-deleted-messages/
BleepingComputer
Telegram Fixes Privacy Bug Caused by Improperly Deleted Messages
The Telegram encrypted messaging app released version 5.11 of their mobile client to fix a serious privacy bug that could allow a recipient to view images or files even after they were deleted by the sender. As this app has over 100 million downloads fromβ¦
PsiXBot Modular Malware Gets New Sextortion, Google DoH Upgrades
Security researchers discovered a new variant of the PsiXBot modular malware with a new sextortion module and designed to use Google's DNS over HTTPS (DoH) service to get command and control (C2) domain addresses. [...]
https://www.bleepingcomputer.com/news/security/psixbot-modular-malware-gets-new-sextortion-google-doh-upgrades/
Security researchers discovered a new variant of the PsiXBot modular malware with a new sextortion module and designed to use Google's DNS over HTTPS (DoH) service to get command and control (C2) domain addresses. [...]
https://www.bleepingcomputer.com/news/security/psixbot-modular-malware-gets-new-sextortion-google-doh-upgrades/
BleepingComputer
PsiXBot Modular Malware Gets New Sextortion, Google DoH Upgrades
Security researchers discovered a new variant of the PsiXBot modular malware with a new sextortion module and designed to use Google's DNS over HTTPS (DoH) service to get command and control (C2) domain addresses.
Exploit Kits Target Windows Users with Ransomware and Trojans
Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers. [...]
https://www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/
Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers. [...]
https://www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/
BleepingComputer
Exploit Kits Target Windows Users with Ransomware and Trojans
Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.
Office 365 ATP Automated Incident Response Now Generally Available
Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams. [...]
https://www.bleepingcomputer.com/news/microsoft/office-365-atp-automated-incident-response-now-generally-available/
Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams. [...]
https://www.bleepingcomputer.com/news/microsoft/office-365-atp-automated-incident-response-now-generally-available/
BleepingComputer
Office 365 ATP Automated Incident Response Now Generally Available
Microsoft announced today the general availability of the Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP) users to support the rising requirements of security teams.
Microsoft Phishing Page Uses Captcha to Bypass Automated Detection
A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs). [...]
https://www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/
A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs). [...]
https://www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/
BleepingComputer
Microsoft Phishing Page Uses Captcha to Bypass Automated Detection
A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs).
Microsoft Teams Can Be Used To Execute Arbitrary Payloads
Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-can-be-used-to-execute-arbitrary-payloads/
Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-can-be-used-to-execute-arbitrary-payloads/
BleepingComputer
Microsoft Teams Can Be Used To Execute Arbitrary Payloads
Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software.
Bugs in D-Link and Comba Networking Gear Disclose Passwords
Vulnerabilities found in networking gear from D-Link and Comba allow retrieving sensitive information like ISP credentials and device access passwords without authentication. [...]
https://www.bleepingcomputer.com/news/security/bugs-in-d-link-and-comba-networking-gear-disclose-passwords/
Vulnerabilities found in networking gear from D-Link and Comba allow retrieving sensitive information like ISP credentials and device access passwords without authentication. [...]
https://www.bleepingcomputer.com/news/security/bugs-in-d-link-and-comba-networking-gear-disclose-passwords/
BleepingComputer
Bugs in D-Link and Comba Networking Gear Disclose Passwords
Vulnerabilities found in networking gear from D-Link and Comba allow retrieving sensitive information like ISP credentials and device access passwords without authentication.
Business Email Compromise Is a $26 Billion Scam Says the FBI
FBI's Internet Crime Complaint Center (IC3) says that Business Email Compromise scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019. [...]
https://www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/
FBI's Internet Crime Complaint Center (IC3) says that Business Email Compromise scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019. [...]
https://www.bleepingcomputer.com/news/security/business-email-compromise-is-a-26-billion-scam-says-the-fbi/
BleepingComputer
Business Email Compromise Is a $26 Billion Scam Says the FBI
FBI's Internet Crime Complaint Center (IC3) says that Business Email Compromise scams are continuing to grow every year, with a 100% increase in the identified global exposed losses between May 2018 and July 2019.
Adobe Releases Security Updates for Flash Player and Application Manager
Adobe has published their monthly Patch Tuesday updates for the month of September 2019 that resolves three security vulnerabilities in two programs. All the vulnerabilities fixed today are for arbitrary code execution that could allow an attacker to execute commands on a vulnerable machine. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-updates-for-flash-player-and-application-manager/
Adobe has published their monthly Patch Tuesday updates for the month of September 2019 that resolves three security vulnerabilities in two programs. All the vulnerabilities fixed today are for arbitrary code execution that could allow an attacker to execute commands on a vulnerable machine. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-updates-for-flash-player-and-application-manager/
BleepingComputer
Adobe Releases Security Updates for Flash Player and Application Manager
Adobe has published their monthly Patch Tuesday updates for the month of September 2019 that resolves three security vulnerabilities in two programs. All the vulnerabilities fixed today are for arbitrary code execution that could allow an attacker to executeβ¦
Microsoft Releases the September 2019 Security Updates for Office
Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-september-2019-security-updates-for-office/
Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-september-2019-security-updates-for-office/
BleepingComputer
Microsoft Releases the September 2019 Security Updates for Office
Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws.
Microsoft's September 2019 Patch Tuesday Fixes 79 Vulnerabilities
Today is Microsoft's September 2019 Patch Tuesday, which means your Windows administrators are going to be up to their elbows in problems. So be nice to them! [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-september-2019-patch-tuesday-fixes-79-vulnerabilities/
Today is Microsoft's September 2019 Patch Tuesday, which means your Windows administrators are going to be up to their elbows in problems. So be nice to them! [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-september-2019-patch-tuesday-fixes-79-vulnerabilities/
BleepingComputer
Microsoft's September 2019 Patch Tuesday Fixes 79 Vulnerabilities
Today is Microsoft's September 2019 Patch Tuesday, which means your Windows administrators are going to be up to their elbows in problems. So be nice to them!
Windows 10 KB4515384 and KB4512578 Released With Fixes
Microsoft is rolling out a new cumulative update to devices with Windows 10 May 2019 Update (version 1903), Windows 10 October 2018 Update (version 1809), and other supported versions with multiple fixes and improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4515384-and-kb4512578-released-with-fixes/
Microsoft is rolling out a new cumulative update to devices with Windows 10 May 2019 Update (version 1903), Windows 10 October 2018 Update (version 1809), and other supported versions with multiple fixes and improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4515384-and-kb4512578-released-with-fixes/
BleepingComputer
Windows 10 KB4515384 and KB4512578 Released With Fixes
Microsoft is rolling out a new cumulative update to devices with Windows 10 May 2019 Update (version 1903), Windows 10 October 2018 Update (version 1809), and other supported versions with multiple fixes and improvements.
LokiBot Info-Stealer Used in Spear Phishing Attack on US Company
Security researchers discovered a malspam campaign distributing LokiBot information stealer payloads using phishing messages targeting the employees of a large U.S. manufacturing company. [...]
https://www.bleepingcomputer.com/news/security/lokibot-info-stealer-used-in-spear-phishing-attack-on-us-company/
Security researchers discovered a malspam campaign distributing LokiBot information stealer payloads using phishing messages targeting the employees of a large U.S. manufacturing company. [...]
https://www.bleepingcomputer.com/news/security/lokibot-info-stealer-used-in-spear-phishing-attack-on-us-company/
Microsoft Fixes Windows 10 High CPU Usage in Cortana
As part of today's Patch Tuesday, Microsoft has released the Windows 10 KB4515384 cumulative update that fixes a high CPU usage issue in Cortana's SearchUI.exe process. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-high-cpu-usage-in-cortana/
As part of today's Patch Tuesday, Microsoft has released the Windows 10 KB4515384 cumulative update that fixes a high CPU usage issue in Cortana's SearchUI.exe process. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-high-cpu-usage-in-cortana/
BleepingComputer
Microsoft Fixes Windows 10 High CPU Usage in Cortana
As part of today's Patch Tuesday, Microsoft has released the Windows 10 KB4515384 cumulative update that fixes a high CPU usage issue in Cortana's SearchUI.exe process.
281 Arrested in Worldwide Business Email Compromise Crackdown
281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries. [...]
https://www.bleepingcomputer.com/news/security/281-arrested-in-worldwide-business-email-compromise-crackdown/
281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries. [...]
https://www.bleepingcomputer.com/news/security/281-arrested-in-worldwide-business-email-compromise-crackdown/
BleepingComputer
281 Arrested in Worldwide Business Email Compromise Crackdown
281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries.
Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla's Faces Criticism
Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user's DNS server to a corresponding DoH server, and if available, use that for DNS resolution. [...]
https://www.bleepingcomputer.com/news/technology/google-unveils-dns-over-https-doh-plan-mozillas-faces-criticism/
Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user's DNS server to a corresponding DoH server, and if available, use that for DNS resolution. [...]
https://www.bleepingcomputer.com/news/technology/google-unveils-dns-over-https-doh-plan-mozillas-faces-criticism/
BleepingComputer
Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla's Faces Criticism
Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user's DNS server to a corresponding DoH server, andβ¦
Microsoft Releases Servicing Stack Updates for All Windows 10 Versions
Microsoft released quality improvements to the servicing stack for all Windows 10 versions, the component designed to allow users to receive and install Windows updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-servicing-stack-updates-for-all-windows-10-versions/
Microsoft released quality improvements to the servicing stack for all Windows 10 versions, the component designed to allow users to receive and install Windows updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-servicing-stack-updates-for-all-windows-10-versions/
BleepingComputer
Microsoft Releases Servicing Stack Updates for All Windows 10 Versions
Microsoft released quality improvements to the servicing stack for all Windows 10 versions, the component designed to allow users to receive and install Windows updates.
New NetCAT Attack Can Leak Sensitive Data From Intel CPUs
A weakness named NetCAT (Network Cache ATtack) affects all Intel server-grade processors since 2012 and allows sniffing sensitive details by mounting a side-channel attack over the network. [...]
https://www.bleepingcomputer.com/news/security/new-netcat-attack-can-leak-sensitive-data-from-intel-cpus/
A weakness named NetCAT (Network Cache ATtack) affects all Intel server-grade processors since 2012 and allows sniffing sensitive details by mounting a side-channel attack over the network. [...]
https://www.bleepingcomputer.com/news/security/new-netcat-attack-can-leak-sensitive-data-from-intel-cpus/
BleepingComputer
New NetCAT Attack Can Leak Sensitive Data From Intel CPUs
A weakness named NetCAT (Network Cache ATtack) affects all Intel server-grade processors since 2012 and allows sniffing sensitive details by mounting a side-channel attack over the network.
Chrome 77 Released With Removed EV Certificate Indicator
Google has released Chrome 77 to the Stable desktop channel, with new features and 36 security fixes, with 1 being marked as Critical and 8 as High severity. [...]
https://www.bleepingcomputer.com/news/google/chrome-77-released-with-removed-ev-certificate-indicator/
Google has released Chrome 77 to the Stable desktop channel, with new features and 36 security fixes, with 1 being marked as Critical and 8 as High severity. [...]
https://www.bleepingcomputer.com/news/google/chrome-77-released-with-removed-ev-certificate-indicator/
BleepingComputer
Chrome 77 Released With Removed EV Certificate Indicator
Google has released Chrome 77 to the Stable desktop channel, with new features and 36 security fixes, with 1 being marked as Critical and 8 as High severity.
Intel Patches Privilege Escalation Flaw in Easy Streaming Wizard
Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure. [...]
https://www.bleepingcomputer.com/news/security/intel-patches-privilege-escalation-flaw-in-easy-streaming-wizard/
Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure. [...]
https://www.bleepingcomputer.com/news/security/intel-patches-privilege-escalation-flaw-in-easy-streaming-wizard/
BleepingComputer
Intel Patches Privilege Escalation Flaw in Easy Streaming Wizard
Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure.
Microsoft to Improve Office 365 Phishing Email Notifications
Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October. [...]
https://www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/
Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October. [...]
https://www.bleepingcomputer.com/news/security/microsoft-to-improve-office-365-phishing-email-notifications/
BleepingComputer
Microsoft to Improve Office 365 Phishing Email Notifications
Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October.