Windows 10 2004 may break Storage Spaces, avoid using chkdsk

Microsoft says that users could experience issues using or accessing Storage Spaces configurations on some devices after updating them to Windows 10, version 2004, or Windows Server, version 2004. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-may-break-storage-spaces-avoid-using-chkdsk/

Bug in ‘USB for Remote Desktop’ lets hackers add fake devices

An unpatched vulnerability in software that redirects local USB devices to a remote system could help attackers elevate privileges on a target machine by adding fake devices. [...]

https://www.bleepingcomputer.com/news/security/bug-in-usb-for-remote-desktop-lets-hackers-add-fake-devices/

Microsoft planning Windows 10 2004 rollout for devices near EoS

Microsoft is currently preparing a Windows 10, version 2004 forced rollout to devices running Windows 10 versions approaching end of service (EOS) using a machine learning-based rollout process. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-planning-windows-10-2004-rollout-for-devices-near-eos/

Windows 10 Fresh Start feature quietly moved into Reset this PC

In Windows 10 version 2004, Microsoft moved the functionality of the Fresh Start feature into Reset this PC and forgot to tell anyone about it. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-fresh-start-feature-quietly-moved-into-reset-this-pc/

Zoom will provide end-to-end encryption to all users

Zoom's CEO Eric S. Yuan today announced that end-to-end encryption (E2EE) will be provided to all users (paid and free) after verifying their accounts by providing additional identification info such as their phone number. [...]

https://www.bleepingcomputer.com/news/security/zoom-will-provide-end-to-end-encryption-to-all-users/

Microsoft releases the first Windows 10 21H1 preview build

Microsoft has released their first Windows 10 21H1 preview today, build 20150, to Insiders on the Dev (Fast) channel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-first-windows-10-21h1-preview-build/

Microsoft to resume Windows optional cumulative updates in July

Microsoft announced today that they are resuming the optional cumulative updates for Windows 10 and Windows Server version 1809 and later, in July.  [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-resume-windows-optional-cumulative-updates-in-july/

Cisco fixes severe flaws in Webex Meetings for Windows, macOS

Cisco today released security updates to address two high severity vulnerabilities found in the Cisco Webex Meetings Desktop App for Windows and macOS that could allow unprivileged attackers to run programs and code on vulnerable machines. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-severe-flaws-in-webex-meetings-for-windows-macos/

IT giant Cognizant confirms data breach after ransomware attack

In a series of data breach notifications, IT services giant Cognizant has stated that unencrypted data was most likely accessed and stolen during an April Maze Ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/it-giant-cognizant-confirms-data-breach-after-ransomware-attack/

InvisiMole malware delivered by Gamaredon hacker group

Security researchers have demystified the attack chain of the elusive InvisiMole cyberespionage group, revealing a complicated multi-stage format that relies on vulnerable legitimate tools, target-specific encryption of payloads, and stealthy communication. [...]

https://www.bleepingcomputer.com/news/security/invisimole-malware-delivered-by-gamaredon-hacker-group/

New Cisco Webex Meetings flaw lets attackers steal auth tokens

A new vulnerability found in the Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information including usernames, authentication tokens, and meeting information. [...]

https://www.bleepingcomputer.com/news/security/new-cisco-webex-meetings-flaw-lets-attackers-steal-auth-tokens/

Hijacked Oxford server used by hackers for Office 365 phishing

Hackers hijacked an Oxford email server to deliver malicious emails as part of a phishing campaign designed to harvest Microsoft Office 365 credentials from European, Asian, and Middle Eastern targets. [...]

https://www.bleepingcomputer.com/news/security/hijacked-oxford-server-used-by-hackers-for-office-365-phishing/

79 Netgear router models risk full takeover due to unpatched bug

​An unpatched zero-day vulnerability exists in 79 Netgear router models that allow an attacker to take full control over vulnerable devices remotely. [...]

https://www.bleepingcomputer.com/news/security/79-netgear-router-models-risk-full-takeover-due-to-unpatched-bug/

Wells Fargo phishing baits customers with calendar invites

Wells Fargo customers are being targeted by a phishing campaign impersonating the Wells Fargo Security Team and luring potential victims to phishing pages with the help of calendar invites. [...]

https://www.bleepingcomputer.com/news/security/wells-fargo-phishing-baits-customers-with-calendar-invites/

Microsoft fixes printing issues for all affected Windows 10 versions

Microsoft today released more cumulative updates to address a known issue plaguing multiple Windows 10 versions and breaking printing after installing updates released on June 9, 2020. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-printing-issues-for-all-affected-windows-10-versions/

Hackers use fake Windows error logs to hide malicious payload

Hackers have been using fake error logs to store ASCII characters disguised as hexadecimal values that decode to a malicious payload designed to prepare the ground for script-based attacks. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-fake-windows-error-logs-to-hide-malicious-payload/

Windows Terminal adds a host of new features and settings

Microsoft released Windows Terminal Preview 1.1 with a long list of new features, settings, and changes including an "Open Windows Terminal here" File Explorer contextual menu entry, support for startup launch, and new command-line arguments. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-terminal-adds-a-host-of-new-features-and-settings/

Nigerian entrepreneur pleaded guilty to $11M Caterpillar fraud

Nigerian entrepreneur Obinwanne Okeke is facing 20 years in prison after pleading to conspiracy to commit wire fraud that caused US Fortune 100 corporation Caterpillar $11 million in losses as part of a business email compromise (BEC) fraud scheme. [...]

https://www.bleepingcomputer.com/news/security/nigerian-entrepreneur-pleaded-guilty-to-11m-caterpillar-fraud/

Microsoft Defender ATP now detects Windows 10 UEFI malware

Microsoft has announced that the enterprise Microsoft Defender Advanced Threat Protection (ATP) enterprise endpoint security platform is now capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-now-detects-windows-10-uefi-malware/

Windows 10 Subsystem for Linux gets command line love, GPU support

Windows 10 users running insider builds got some treats from Microsoft this week with GPU support and new command-line options for the Windows Subsystem for Linux. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-subsystem-for-linux-gets-command-line-love-gpu-support/

The Week in Ransomware - June 19th 2020 - a quiet week

For the most part, it has been a quiet week with new variants of existing ransomware families being released. We also did not see too many large victims being disclosed and mostly updates of existing victims. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-19th-2020-a-quiet-week/