Windows 10 Cumulative Updates KB4549951 & KB4549949 Released
Patch Tuesday April 2020 Updates are now rolling out to all supported versions of Windows 10 and paid customers of Windows 7. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4549951-and-kb4549949-released/
Patch Tuesday April 2020 Updates are now rolling out to all supported versions of Windows 10 and paid customers of Windows 7. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4549951-and-kb4549949-released/
BleepingComputer
Windows 10 Cumulative Updates KB4549951 & KB4549949 Released
Patch Tuesday April 2020 Updates are now rolling out to all supported versions of Windows 10 and paid customers of Windows 7. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update.
RagnarLocker ransomware hits EDP energy giant, asks for β¬10M
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or β¬9.9M). [...]
https://www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or β¬9.9M). [...]
https://www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/
BleepingComputer
RagnarLocker ransomware hits EDP energy giant, asks for β¬10M
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or β¬9.9M).
Microsoft April 2020 Patch Tuesday fixes 4 zero-days, 15 critical flaws
With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low. Four of these vulnerability are classified as zero-days as they were publicly disclosed or exploited. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-4-zero-days-15-critical-flaws/
With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low. Four of these vulnerability are classified as zero-days as they were publicly disclosed or exploited. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-4-zero-days-15-critical-flaws/
BleepingComputer
Microsoft April 2020 Patch Tuesday fixes 3 zero-days, 15 critical flaws
With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low. Three of these vulnerabilityβ¦
Intel April Platform Update fixes high severity security issues
Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms. [...]
https://www.bleepingcomputer.com/news/security/intel-april-platform-update-fixes-high-severity-security-issues/
Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms. [...]
https://www.bleepingcomputer.com/news/security/intel-april-platform-update-fixes-high-severity-security-issues/
BleepingComputer
Intel April Platform Update fixes high severity security issues
Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms.
Microsoft Office April security updates fix critical RCE bugs
Microsoft released the April 2020 Office security updates on April 14, 2020, with a total of 55 security updates and 5 cumulative updates for 7 different products, and patching 5 critical bugs allowing attackers to run scripts as the current user and remotely execute arbitrary code on unpatched systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-office-april-security-updates-fix-critical-rce-bugs/
Microsoft released the April 2020 Office security updates on April 14, 2020, with a total of 55 security updates and 5 cumulative updates for 7 different products, and patching 5 critical bugs allowing attackers to run scripts as the current user and remotely execute arbitrary code on unpatched systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-office-april-security-updates-fix-critical-rce-bugs/
BleepingComputer
Microsoft Office April security updates fix critical RCE bugs
Microsoft released the April 2020 Office security updates on April 14, 2020, with a total of 55 security updates and 5 cumulative updates for 7 different products, and patching 5 critical bugs allowing attackers to run scripts as the current user and remotelyβ¦
Microsoft Office security updates may break VBA programs, how to fix
Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-security-updates-may-break-vba-programs-how-to-fix/
Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-security-updates-may-break-vba-programs-how-to-fix/
BleepingComputer
Microsoft Office security updates may break VBA programs, how to fix
Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday.
Cloudflare dashboard and APIs are down, some sites having issues
Cloudflare is experiencing outages in multiple components of its infrastructure including, the dashboard, API, and their Argo smart routing feature that are causing issues for some sites that are using them. [...]
https://www.bleepingcomputer.com/news/technology/cloudflare-dashboard-and-apis-are-down-some-sites-having-issues/
Cloudflare is experiencing outages in multiple components of its infrastructure including, the dashboard, API, and their Argo smart routing feature that are causing issues for some sites that are using them. [...]
https://www.bleepingcomputer.com/news/technology/cloudflare-dashboard-and-apis-are-down-some-sites-having-issues/
BleepingComputer
Cloudflare dashboard and APIs are down, some sites having issues
Cloudflare is experiencing outages in multiple components of its infrastructure including, the dashboard, API, and their Argo smart routing feature that are causing issues for some sites that are using them.
Exploit for Zoom Windows zero-day being sold for $500,000
An exploit for a zero-day remote code execution vulnerability affecting the Zoom Windows client is currently being sold for $500,000, together with one designed to abused a bug in the video conferencing platform's macOS client. [...]
https://www.bleepingcomputer.com/news/security/exploit-for-zoom-windows-zero-day-being-sold-for-500-000/
An exploit for a zero-day remote code execution vulnerability affecting the Zoom Windows client is currently being sold for $500,000, together with one designed to abused a bug in the video conferencing platform's macOS client. [...]
https://www.bleepingcomputer.com/news/security/exploit-for-zoom-windows-zero-day-being-sold-for-500-000/
BleepingComputer
Exploit for Zoom Windows zero-day being sold for $500,000
An exploit for a zero-day remote code execution vulnerability affecting the Zoom Windows client is currently being sold for $500,000, together with one designed to abused a bug in the video conferencing platform's macOS client.
US issues guidance on North Korean hackers, offers $5M reward
The U.S. government has issued guidance on North Korean hacking activity in a joint advisory published by the U.S. Departments of State, Treasury, and Homeland Security, and the FBI. [...]
https://www.bleepingcomputer.com/news/security/us-issues-guidance-on-north-korean-hackers-offers-5m-reward/
The U.S. government has issued guidance on North Korean hacking activity in a joint advisory published by the U.S. Departments of State, Treasury, and Homeland Security, and the FBI. [...]
https://www.bleepingcomputer.com/news/security/us-issues-guidance-on-north-korean-hackers-offers-5m-reward/
BleepingComputer
US issues guidance on North Korean hackers, offers $5M reward
The U.S. government has issued guidance on North Korean hacking activity in a joint advisory published by the U.S. Departments of State, Treasury, and Homeland Security, and the FBI.
Nemty Ransomware shuts down public RaaS operation, goes private
The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise. [...]
https://www.bleepingcomputer.com/news/security/nemty-ransomware-shuts-down-public-raas-operation-goes-private/
The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise. [...]
https://www.bleepingcomputer.com/news/security/nemty-ransomware-shuts-down-public-raas-operation-goes-private/
BleepingComputer
Nemty Ransomware shuts down public RaaS operation, goes private
The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise.
Windows Defender broken by recent updates, no fix yet
When performing a full antivirus scan using Windows Defender, a recent definition update or Windows update is causing the program to crash in the middle of a scan. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-defender-broken-by-recent-updates-no-fix-yet/
When performing a full antivirus scan using Windows Defender, a recent definition update or Windows update is causing the program to crash in the middle of a scan. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-defender-broken-by-recent-updates-no-fix-yet/
BleepingComputer
Windows Defender broken by recent updates, how to fix
When performing a full antivirus scan using Windows Defender, a recent definition update or Windows update is causing the program to crash in the middle of a scan.
Zoom to let you report Zoom-bombing attackers crashing meetings
Zoom's efforts to improve the video conferencing platform's privacy and security will continue next week with the introduction of a user report feature aimed at helping prevent future zoom-bombing attacks. [...]
https://www.bleepingcomputer.com/news/security/zoom-to-let-you-report-zoom-bombing-attackers-crashing-meetings/
Zoom's efforts to improve the video conferencing platform's privacy and security will continue next week with the introduction of a user report feature aimed at helping prevent future zoom-bombing attacks. [...]
https://www.bleepingcomputer.com/news/security/zoom-to-let-you-report-zoom-bombing-attackers-crashing-meetings/
BleepingComputer
Zoom to let you report Zoom-bombing attackers crashing meetings
Zoom's efforts to improve the video conferencing platform's privacy and security will continue next week with the introduction of a user report feature aimed at helping prevent future zoom-bombing attacks.
Gmail blocked 18M COVID-19-themed phishing emails in a week
Google says that the malware scanners built within the Gmail free email service blocked around 18 million phishing and malware emails using COVID-19 lures within the last week. [...]
https://www.bleepingcomputer.com/news/security/gmail-blocked-18m-covid-19-themed-phishing-emails-in-a-week/
Google says that the malware scanners built within the Gmail free email service blocked around 18 million phishing and malware emails using COVID-19 lures within the last week. [...]
https://www.bleepingcomputer.com/news/security/gmail-blocked-18m-covid-19-themed-phishing-emails-in-a-week/
BleepingComputer
Gmail blocked 18M COVID-19-themed phishing emails in a week
Google says that the malware scanners built within the Gmail free email service blocked around 18 million phishing and malware emails using COVID-19 lures within the last week.
Hackers steal WiFi passwords using upgraded Agent Tesla malware
Some new variants of the Agent Tesla info-stealer malware now come with a dedicated module for stealing WiFi passwords from infected devices, credentials that might be used in future attacks to spread to and compromise other systems on the same wireless network. [...]
https://www.bleepingcomputer.com/news/security/hackers-steal-wifi-passwords-using-upgraded-agent-tesla-malware/
Some new variants of the Agent Tesla info-stealer malware now come with a dedicated module for stealing WiFi passwords from infected devices, credentials that might be used in future attacks to spread to and compromise other systems on the same wireless network. [...]
https://www.bleepingcomputer.com/news/security/hackers-steal-wifi-passwords-using-upgraded-agent-tesla-malware/
BleepingComputer
Hackers steal WiFi passwords using upgraded Agent Tesla malware
Some new variants of the Agent Tesla info-stealer malware now come with a dedicated module for stealing WiFi passwords from infected devices, credentials that might be used in future attacks to spread to and compromise other systems on the same wireless network.
Fake Valorant beta key generators are stealing gamers' passwords
With Riot Game's new eagerly anticipated tactical FPS game Valorant reaching closed beta, gamers around the world have been scrambling to get an invite so that they can start playing the game before its released. [...]
https://www.bleepingcomputer.com/news/security/fake-valorant-beta-key-generators-are-stealing-gamers-passwords/
With Riot Game's new eagerly anticipated tactical FPS game Valorant reaching closed beta, gamers around the world have been scrambling to get an invite so that they can start playing the game before its released. [...]
https://www.bleepingcomputer.com/news/security/fake-valorant-beta-key-generators-are-stealing-gamers-passwords/
BleepingComputer
Fake Valorant beta key generators are stealing gamers' passwords
With Riot Game's new eagerly anticipated tactical FPS game Valorant reaching closed beta, gamers around the world have been scrambling to get an invite so that they can start playing the game before its released.
Windows 10 2004 almost here, final build released to Insiders!
Microsoft has officially released the final build of Windows 10 2004 to Insiders in the Release preview ring and plans on releasing it to everyone in May as the "May 2020 Update". [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-almost-here-final-build-released-to-insiders/
Microsoft has officially released the final build of Windows 10 2004 to Insiders in the Release preview ring and plans on releasing it to everyone in May as the "May 2020 Update". [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-almost-here-final-build-released-to-insiders/
BleepingComputer
Windows 10 2004 almost here, final build released to Insiders!
Microsoft has officially released the final build of Windows 10 2004 to Insiders in the Release preview ring and plans on releasing it to everyone in May as the "May 2020 Update".
GitHub accounts stolen in ongoing phishing attacks
GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. [...]
https://www.bleepingcomputer.com/news/security/github-accounts-stolen-in-ongoing-phishing-attacks/
GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. [...]
https://www.bleepingcomputer.com/news/security/github-accounts-stolen-in-ongoing-phishing-attacks/
BleepingComputer
GitHub accounts stolen in ongoing phishing attacks
GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page.
Microsoft helped stop a botnet controlled via an LED light console
Microsoft says that its Digital Crimes Unit (DCU) discovered and helped take down a botnet of 400,000 compromised devices controlled with the help of an LED light control console. [...]
https://www.bleepingcomputer.com/news/security/microsoft-helped-stop-a-botnet-controlled-via-an-led-light-console/
Microsoft says that its Digital Crimes Unit (DCU) discovered and helped take down a botnet of 400,000 compromised devices controlled with the help of an LED light control console. [...]
https://www.bleepingcomputer.com/news/security/microsoft-helped-stop-a-botnet-controlled-via-an-led-light-console/
BleepingComputer
Microsoft helped stop a botnet controlled via an LED light console
Microsoft says that its Digital Crimes Unit (DCU) discovered and helped take down a botnet of 400,000 compromised devices controlled with the help of an LED light control console.
Leading accounting firm MNP hit with cyberattack
A leading accounting firm in Canada forced a company-wide shutdown of their systems after getting hit with a cyberattack last weekend, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/leading-accounting-firm-mnp-hit-with-cyberattack/
A leading accounting firm in Canada forced a company-wide shutdown of their systems after getting hit with a cyberattack last weekend, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/leading-accounting-firm-mnp-hit-with-cyberattack/
BleepingComputer
Leading accounting firm MNP hit with cyberattack
A leading accounting firm in Canada forced a company-wide shutdown of their systems after getting hit with a cyberattack last weekend, BleepingComputer has learned.
Microsoft: Trickbot in hundreds of unique COVID-19 lures per week
TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims' inboxes based on Microsoft's Office 365 Advanced Threat Protection (ATP) data. [...]
https://www.bleepingcomputer.com/news/security/microsoft-trickbot-in-hundreds-of-unique-covid-19-lures-per-week/
TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims' inboxes based on Microsoft's Office 365 Advanced Threat Protection (ATP) data. [...]
https://www.bleepingcomputer.com/news/security/microsoft-trickbot-in-hundreds-of-unique-covid-19-lures-per-week/
BleepingComputer
Microsoft: Trickbot in hundreds of unique COVID-19 lures per week
TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims' inboxes based on Microsoft's Office 365 Advanced Threat Protection (ATP) data.
The Week in Ransomware - April 17th 2020 - Changing Tactics
There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-17th-2020-changing-tactics/
There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-17th-2020-changing-tactics/
BleepingComputer
The Week in Ransomware - April 17th 2020 - Changing Tactics
There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement.