Thinkful Resets All User Passwords After Security Breach

Online developer bootcamp company Thinkful is sending out email notifications that state an unauthorized user was able to gain access to employee accounts credentials. Due to this, they are requiring all users to reset their passwords the next time they login. [...]

https://www.bleepingcomputer.com/news/security/thinkful-resets-all-user-passwords-after-security-breach/

Windows 10 Insider Build 18985 Released With Improved Bluetooth Pairing

Microsoft has released Windows 10 Insider Preview Build 18985 (20H1) to Insiders in the Fast ring, which includes a new optional update experience, a Snip & Sketch update, and a new Bluetooth pairing experience. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18985-released-with-improved-bluetooth-pairing/

Selfie Android Apps with 1.5M+ Installs Push Ads, Can Record Audio

A couple of Android apps found in Google Play included functionality that stealthy recording audio without user consent. The apps posed as selfie camera filters and had been installed over 1.5 million times. [...]

https://www.bleepingcomputer.com/news/security/selfie-android-apps-with-15m-installs-push-ads-can-record-audio/

Windows 10 is Getting a New Optional Update Experience

Microsoft is changing the windows update experience in Windows 10 so that "optional" updates are shown in a dedicated screen that will allow you to pick which update you would like to install [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-is-getting-a-new-optional-update-experience/

Forcepoint Fixes Privilege Escalation Bug in Windows VPN Client

A vulnerability affecting all versions of Forcepoint VPN Client for Windows, save the latest release, can be used to achieve persistence and evade detection. [...]

https://www.bleepingcomputer.com/news/security/forcepoint-fixes-privilege-escalation-bug-in-windows-vpn-client/

Twitter Removes State-backed Actors Conducting Information Campaigns

Twitter has removed another batch of state-sponsored actors performing information campaigns on Twitter.  The detected operations announced today involved Qatar, Iran, Yemen, Ecuador, Saudi Arabia, Spain, China, and Hong Kong. [...]

https://www.bleepingcomputer.com/news/technology/twitter-removes-state-backed-actors-conducting-information-campaigns/

Windows 7 and Server 2008 Get 0patch Security Fixes After EoS

Microsoft ending support for Windows 7 and Server 2008 early next year will also stop delivery of security patches through the normal channel. But users have an alternative to get security fixes on a regular basis in the form of micropatches. [...]

https://www.bleepingcomputer.com/news/security/windows-7-and-server-2008-get-0patch-security-fixes-after-eos/

Windows 7 Voting Systems to Get Free Security Updates Through 2020 Elections

Microsoft announced today that they will be providing free extended security updates for Windows 7 machines that are part of a federally certified voting system. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-7-voting-systems-to-get-free-security-updates-through-2020-elections/

Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About

Have you ever heard of the STOP Ransomware? Probably not, as few write about it, most researchers don't cover it, and for the most part it targets consumers through cracked software, adware bundles, and shady sites. [...]

https://www.bleepingcomputer.com/news/security/meet-stop-ransomware-the-most-active-ransomware-nobody-talks-about/

The Week in Ransomware - September 20th 2019 - Fairly Quiet

This has been a fairly quiet week with no real big news other than further updates from Nemty, the introduction of TFlower, and another Ordinypt campaign targeting Germany. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-20th-2019-fairly-quiet/

Microsoft Marks Two Windows 10 1903 Issues as Resolved

Microsoft has marked a Windows 10 Chinese IME issue and a Windows Desktop Search or Start Menu issue as resolved in the Windows 10 Health Dashboard. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-marks-two-windows-10-1903-issues-as-resolved/

Jira Server and Service Desk Fix Critical Security Bugs

Atlassian released updates for Jira Service Desk and Jira Service Desk Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal. [...]

https://www.bleepingcomputer.com/news/security/jira-server-and-service-desk-fix-critical-security-bugs/

Microsoft Edge to Let You Block Potentially Unwanted Programs

Microsoft Edge is testing a new feature in their Canary build that allows you to block potentially unwanted programs (PUPs) from being downloaded by the browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-to-let-you-block-potentially-unwanted-programs/

Microsoft Edge's Collection Feature Helps You Stay Organized

Microsoft recently updated Edge for Windows and MacOS with a new feature called 'Collections' to help users collect and compare shopping items, collect and combine information from platforms like Wikipedia, and put together your event or research information in a dedicated panel for later reference. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edges-collection-feature-helps-you-stay-organized/

Malicious Android Apps Evade Google Play Protect via Remote Commands

More than two dozen malicious Android applications with over 2.1 million installs in total were observed by security researchers while displaying aggressive full-screen ads after downloading configuration files. [...]

https://www.bleepingcomputer.com/news/security/malicious-android-apps-evade-google-play-protect-via-remote-commands/

Microsoft to Force Modern Auth in Exchange Online to Enhance Security

Microsoft announced that Basic Authentication will be turned off in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell starting October 13, 2020. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-force-modern-auth-in-exchange-online-to-enhance-security/

Windows 10 Task Manager Lets You Copy Performance Data as Text

The Windows 10 Task Manager Performance tab allows you to right-click on the various categories and copy the information into formatted text. This text can then be paste into online forums where you are receiving help, share it with others, or more easily copy down the hardware installed in your computer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-task-manager-lets-you-copy-performance-data-as-text/

Microsoft Issues Windows Security Update for 0Day Vulnerability

Microsoft released two out of band security updates today for remote code execution (RCE) and denial of service (DoS) security vulnerabilities impacting Internet Explorer and Windows Defender, respectively. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-windows-security-update-for-0day-vulnerability/

Finnish Govt. Releases Guide on Securing Microsoft Office 365

The National Cyber Security Centre Finland (NCSC-FI) which acts as Finland's National Communications Security Authority published today a detailed guide on how to secure Microsoft Office 365 against data breaches and credential phishing. [...]

https://www.bleepingcomputer.com/news/security/finnish-govt-releases-guide-on-securing-microsoft-office-365/

Beware of Google Alert Links Leading to Malware and Scams

Google Alerts is s useful service that allows you to receive emails or an updated RSS feed when new pages appear in the Google search index that are related to specified keywords you are following. Unfortunately, whenever there is a good thing, people try to take advantage of them to push users towards scams and malware [...]

https://www.bleepingcomputer.com/news/security/beware-of-google-alert-links-leading-to-malware-and-scams/

Emotet Tries to Infect You By Claiming It's Snowden's Book

Emotet has started a new spam campaign that pretends to be a scanned copy of Edward Snowden's new book. Unsuspecting users who open the attachment and enable its content will find that they have become infected with Emotet, most likely Trickbot, and possibly other malware. [...]

https://www.bleepingcomputer.com/news/security/emotet-tries-to-infect-you-by-claiming-its-snowdens-book/