Windows 10 KB4554364 Update Fixes Internet Connectivity Issues

Microsoft has released an out-of-band Windows 10 update to fix a bug that was causing internet connectivity issues on devices with proxies, including virtual private networks (VPNs). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4554364-update-fixes-internet-connectivity-issues/

Grammarly is Now Available for Microsoft Word on Mac

Grammarly has announced that its AI-driven writing assistant is now available for Mac users as an add-in for Microsoft Word. [...]

https://www.bleepingcomputer.com/news/software/grammarly-is-now-available-for-microsoft-word-on-mac/

Cloudflare's 1.1.1.1 DNS Passes Privacy Audit, Some Issues Found

Cloudflare has released the results of a privacy audit of their a 1.1.1.1 DNS service that backs up Cloudflare's statement regarding how DNS query data is being stored and collected on their servers. [...]

https://www.bleepingcomputer.com/news/security/cloudflares-1111-dns-passes-privacy-audit-some-issues-found/

Marriott Reports Data Breach Affecting Up to 5.2 Million Guests

Marriott International​​​​​​​ today revealed that the personal information of roughly 5.2 million hotel guests was impacted in a data breach incident detected at the end of February 2020. [...]

https://www.bleepingcomputer.com/news/security/marriott-reports-data-breach-affecting-up-to-52-million-guests/

Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins

A critical privilege escalation vulnerability found in the Rank Math WordPress SEO plugin can allow attackers to give administrator privileges to any registered user on one of the 200,000 sites with active installations if left unpatched. [...]

https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-turn-users-into-admins/

WinRAR 5.90 Final Released For Windows, Mac, Linux, and Android

WinRAR 5.90 Final has been released with numerous performance improvements and bug fixes for Windows, Mac, Linux, and Android. [...]

https://www.bleepingcomputer.com/news/software/winrar-590-final-released-for-windows-mac-linux-and-android/

Microsoft Delays Disabling Insecure TLS in Browsers Until July

Microsoft announced today that it will delay disabling support for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols from Microsoft web browsers because of the current global situation until the second half of 2020, with an estimated time of roll out during July. [...]

https://www.bleepingcomputer.com/news/security/microsoft-delays-disabling-insecure-tls-in-browsers-until-july/

Microsoft Updates Windows 10 PowerToys With New Utilities

Microsoft updated the open-source Windows 10 PowerToys toolset with new utilities for quickly switching between windows, for previewing files in Windows Explorer, and for batch resizing images from the context menu. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-updates-windows-10-powertoys-with-new-utilities/

How to Secure Your Zoom Meetings from Zoom-Bombing Attacks

This guide will walk you through securing your Zoom meetings so that virtual get-togethers, meetings, exercise classes, and even hours are not Zoom-bombed by unauthorized users. [...]

https://www.bleepingcomputer.com/news/software/how-to-secure-your-zoom-meetings-from-zoom-bombing-attacks/

Zoom Client Leaks Windows Login Credentials to Attackers

The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link. [...]

https://www.bleepingcomputer.com/news/security/zoom-client-leaks-windows-login-credentials-to-attackers/

Microsoft is Alerting Hospitals Vulnerable to Ransomware Attacks

Microsoft has started to send targeted notifications to dozens of hospitals about vulnerable public-facing VPN devices and gateways located on their network. [...]

https://www.bleepingcomputer.com/news/security/microsoft-is-alerting-hospitals-vulnerable-to-ransomware-attacks/

Hacker Group Backdoors Thousands of Microsoft SQL Servers Daily

Hackers have been brute-forcing thousands of vulnerable Microsoft SQL (MSSQL) servers to install cryptominers and remote access Trojans (RATs) since May 2018 as researchers at Guardicore Labs discovered in December. [...]

https://www.bleepingcomputer.com/news/security/hacker-group-backdoors-thousands-of-microsoft-sql-servers-daily/

Cloudflare Launches a DNS-Based Parental Control Service

Cloudflare introduced today '1.1.1.1 for Families,' a privacy-focused DNS resolver designed to help parents in their efforts to safeguard their children's online security and privacy​​​​​​ by automatically filtering out bad sites.​​​​​​​ [...]

https://www.bleepingcomputer.com/news/security/cloudflare-launches-a-dns-based-parental-control-service/

Introduce Kids to Cybersecurity With This Free Activity Book

Security company Balbix has released a 12-page printable activity book for children that introduces them to cybersecurity in a fun way. [...]

https://www.bleepingcomputer.com/news/security/introduce-kids-to-cybersecurity-with-this-free-activity-book/

How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO

Active Directory (AD) admins can mitigate the recently disclosed and actively exploited remote code execution (RCE) zero-day found in the Windows Adobe Type Manager Library in large AD environments using group policies. [...]

https://www.bleepingcomputer.com/news/security/how-to-mitigate-the-windows-font-parsing-zero-day-bug-via-gpo/

Office 365 Phishing Uses CSS Tricks to Bypass Email Gateways

A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-uses-css-tricks-to-bypass-email-gateways/

FBI Warns of Attacks on Remote Work, Distance Learning Platforms

FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-attacks-on-remote-work-distance-learning-platforms/

IRS Warns of Surge in Economic Stimulus Payment Scams

The Internal Revenue Service (IRS) today issued a warning to alert about a surge in coronavirus-related scams over email, phone calls, or social media requesting personal information while using economic impact payments as a lure. [...]

https://www.bleepingcomputer.com/news/security/irs-warns-of-surge-in-economic-stimulus-payment-scams/

WordPress Plugin Bug Can Be Exploited to Create Rogue Admins

Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after exploiting an authenticated stored cross-site scripting (XSS) vulnerability. [...]

https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-can-be-exploited-to-create-rogue-admins/

Twitter Reveals That Firefox Cached Private Data For Up to 7 Days

Twitter disclosed an issue in the way the Mozilla Firefox web browser cached data that may have lead to private media shared in DMs and data downloads being inadvertently stored in the browser's cache. [...]

https://www.bleepingcomputer.com/news/security/twitter-reveals-that-firefox-cached-private-data-for-up-to-7-days/

New Coronavirus-Themed Malware Locks You Out of Windows

With school closed due to the Coronavirus pandemic, some kids are creating malware to keep themselves occupied. Such is the case with a variety of new MBRLocker variants being released, including one with a Coronavirus theme. [...]

https://www.bleepingcomputer.com/news/security/new-coronavirus-themed-malware-locks-you-out-of-windows/