Hackers Replace Windows Narrator to Get SYSTEM Level Access

Chinese hackers are replacing the legitimate Narrator app on targeted Windows systems with a trojanized version that gives them remote access with privileges of the most powerful account on the operating system. [...]

https://www.bleepingcomputer.com/news/security/hackers-replace-windows-narrator-to-get-system-level-access/

Microsoft Phishing Attack Uses Google Redirects to Evade Detection

A new phishing campaign uses Google search query redirects to send potential victims to a phishing landing page designed to collect Microsoft Office 365 credentials via encoded URLs. [...]

https://www.bleepingcomputer.com/news/security/microsoft-phishing-attack-uses-google-redirects-to-evade-detection/

Ransomware Decryptors Released for Yatron, WannaCryFake, & FortuneCrypt

Security vendors released decryptors for three ransomware infections today that allow victims to recover their files for free. These decryptors are for the WannaCryFake, Yatron, and FortuneCrypt Ransomware infections. [...]

https://www.bleepingcomputer.com/news/security/ransomware-decryptors-released-for-yatron-wannacryfake-and-fortunecrypt/

Buggy Google Chrome Update Behind Recent Unbootable Macs

A wave of reported Macs being no longer able to boot was caused by a recent Google Chrome update that was corrupting a necessary operating system folder. Once the update was installed, affected users found they were no longer able to boot into macOS. [...]

https://www.bleepingcomputer.com/news/security/buggy-google-chrome-update-behind-recent-unbootable-macs/

Microsoft to Extend Office 365 ATP Safe Links to Office Online

Microsoft is currently working on extending the Office 365 Advanced Threat Protection (ATP) Safe Links protection to Office Online apps, with the new feature to be released in October. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-extend-office-365-atp-safe-links-to-office-online/

Botnet Uses Recent vBulletin Exploit to Block Other Hackers

A botnet has been detected utilizing the recently disclosed vBulletin exploit to secure vulnerable servers so that they cannot be used by other attackers. This allows the botnet to grow their army of compromised servers without fear that other attackers will utilize the same server. [...]

https://www.bleepingcomputer.com/news/security/botnet-uses-recent-vbulletin-exploit-to-block-other-hackers/

Vodafone's Mobile App Briefly Exposed Customer Information

For a brief period on Wednesday morning, Vodafone customers in New Zealand using the mobile carrier's app could see details for other customers. [...]

https://www.bleepingcomputer.com/news/security/vodafones-mobile-app-briefly-exposed-customer-information/

Outlook on the Web to Block File Extensions for PowerShell, Python, and More

Microsoft will soon be blocking an additional 38 file extension from being downloaded as attachments in Outlook on the Web in order to protect users from malicious files. These additional extensions includes files used by Java, PowerShell, Python, and various vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/outlook-on-the-web-to-block-file-extensions-for-powershell-python-and-more/

Microsoft Enables Tracking Prevention by Default in New Edge Beta

Microsoft released the first update to the Microsoft Edge Beta channel that brings the web browser to the 78.0.276.8 build, enables the tracking prevention feature by default, and adds new sign-in and sync features. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-tracking-prevention-by-default-in-new-edge-beta/

Cisco Fixes Critical IOx Flaw Allowing Root Access to Guest OS

Cisco has released security updates to address a critical vulnerability in the IOx application environment for Cisco IOS Software that could enable authenticated remote attackers to access the Guest Operating System (Guest OS) as the root user. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-iox-flaw-allowing-root-access-to-guest-os/

REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam

A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. [...]

https://www.bleepingcomputer.com/news/security/revil-sodinokibi-ransomware-targets-chinese-users-with-dhl-spam/

Microsoft Spots Nodersok Malware Campaign That Zombifies PCs

A new fileless malicious campaign, dubbed Nodersok by Microsoft Defender ATP Research Team researchers who discovered it, drops its own LOLBins to infect Windows computers with a Node.js-based malware that will turn the devices into proxies. [...]

https://www.bleepingcomputer.com/news/security/microsoft-spots-nodersok-malware-campaign-that-zombifies-pcs/

Microsoft Explains Why Signed PowerShell Cmdlets May Run Slow

Microsoft issued an advisory that signed PowerShell cmdlets may run slower then unsigned cmdlets if Windows is having network connectivity problems. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-explains-why-signed-powershell-cmdlets-may-run-slow/

DoorDash Data Breach Exposes Info of Roughly 5 Million Users

DoorDash has announced a data breach where an unauthorized user was able to gain access to the personal information of 4.9 million consumers, Dashers, and merchants. [...]

https://www.bleepingcomputer.com/news/security/doordash-data-breach-exposes-info-of-roughly-5-million-users/

Windows 10 1903 Cumulative Update KB4517211 Fixes Game Audio Issues

Microsoft has released the KB4517211 cumulative update for Windows 10 1903 (May 2019 Update) that introduces a variety of quality improvements and bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1903-cumulative-update-kb4517211-fixes-game-audio-issues/

New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery

A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines. [...]

https://www.bleepingcomputer.com/news/security/new-whiteshadow-downloader-uses-mssql-servers-for-malware-delivery/

Microsoft Removes CCleaner Ban From Their Community Forums

Microsoft has decided to roll back their decision to add CCleaner to a blacklist that would prevent the software's official site, www.ccleaner.com, from be posted in the Microsoft Community Forums. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-ccleaner-ban-from-their-community-forums/

Adobe and Google Open Redirects Abused by Phishing Campaigns

Google and Adobe open redirects are being used by phishing campaigns in order to add legitimacy to the URLs used in the spam emails. [...]

https://www.bleepingcomputer.com/news/security/adobe-and-google-open-redirects-abused-by-phishing-campaigns/

Fake Apps Sneak Gambling Into iOS and Android App Stores

Gambling apps double-crossed the review systems in Google Play and the App Store by posing as a policy-abiding app. After bypassing the verification, the infringing functionality became available to users. [...]

https://www.bleepingcomputer.com/news/security/fake-apps-sneak-gambling-into-ios-and-android-app-stores/

Windows 10 Version 1903 Now in Broad Deployment, Available to Everyone

Microsoft has announced that Windows 10 version 1903 has now been added to the broad deployment channel and will be available to everyone via Windows Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-version-1903-now-in-broad-deployment-available-to-everyone/

Office 365 to Get Automated Incident Response for Hacked Accounts

Microsoft is currently working on adding a new Automated Incident Response playbook to Office 365 Advanced Threat Protection (ATP) to allow Security Operations (SecOps) teams to automatically investigate and remediate hacked accounts. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-to-get-automated-incident-response-for-hacked-accounts/