Microsoft's new Windows 10 Alt+Tab plan looks like a mess

In what is being called a productivity enhancement, Microsoft is testing a change to the Windows 10 Alt+Tab feature so that it also shows open Microsoft Edge browser tabs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-new-windows-10-alt-tab-plan-looks-like-a-mess/

New Google Chrome feature to drastically reduce battery usage

Google is planning to add a new Chrome feature that could lead to drops of almost 30% in battery usage by throttling JavaScript timers in background tabs. [...]

https://www.bleepingcomputer.com/news/google/new-google-chrome-feature-to-drastically-reduce-battery-usage/

Ransomware attack on insurance MSP Xchanging affects clients

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-on-insurance-msp-xchanging-affects-clients/

EDP energy giant confirms Ragnar Locker ransomware attack

EDP Renewables North America (EDPR NA) confirmed a Ragnar Locker ransomware attack that affected its parent corporation's systems, the Portuguese multinational energy giant Energias de Portugal (EDP). [...]

https://www.bleepingcomputer.com/news/security/edp-energy-giant-confirms-ragnar-locker-ransomware-attack/

Microsoft Defender ATP web content filtering is now free

The new Microsoft Defender Advanced Threat Protection (ATP) Web Content Filtering feature will be provided for free to all enterprise customers without the need for an additional partner license. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-web-content-filtering-is-now-free/

Citrix fixes 11 flaws in ADC, Gateway, and SD-WAN WANOP appliances

Citrix today patched a set of 11 vulnerabilities found to affect its Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP (appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO) networking products. [...]

https://www.bleepingcomputer.com/news/security/citrix-fixes-11-flaws-in-adc-gateway-and-sd-wan-wanop-appliances/

First reported Russian BEC scam gang targets Fortune 500 firms

Over the past year, a new group of fraudsters believed to be from the Russian cybercriminal space has elevated Business Email Compromise (BEC) scams to a new level. [...]

https://www.bleepingcomputer.com/news/security/first-reported-russian-bec-scam-gang-targets-fortune-500-firms/

US Treasury shares tips on spotting money mule and imposter scams

The US Financial Crimes Enforcement Network (FinCEN) today has issued a security alert designed to share potential indicators of imposter scams and money mule schemes with US financial institutions. [...]

https://www.bleepingcomputer.com/news/security/us-treasury-shares-tips-on-spotting-money-mule-and-imposter-scams/

Windows 10: The beginning of the end for Control Panel

Microsoft has started testing the removal of the venerable System control panel on Windows 10 and instead redirecting users to the modern About page. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-the-beginning-of-the-end-for-control-panel/

Microsoft takes down domains used in COVID-19-related cybercrime

Microsoft took control of domains used by cybercriminals as part of the infrastructure needed to launch phishing attacks designed to exploit vulnerabilities and public fear resulting from the COVID-19 pandemic. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-down-domains-used-in-covid-19-related-cybercrime/

How to uninstall Microsoft Edge forced-installed via Windows Update

If Microsoft Edge was installed in Windows 10 via Windows Update, you can not remove it via standard methods. That does not mean you cannot remove it, though, as a technique has been discovered to uninstall the program via the command prompt. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-uninstall-microsoft-edge-forced-installed-via-windows-update/

Mitigating critical F5 BIG-IP RCE flaw not enough, bypass found

F5 BIG-IP customers who only applied recommended mitigations and haven't yet patched their devices against the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability are now advised to update them against a recently found bypass. [...]

https://www.bleepingcomputer.com/news/security/mitigating-critical-f5-big-ip-rce-flaw-not-enough-bypass-found/

ThiefQuest info-stealing Mac wiper gets free decryptor

Poor coding of the ThiefQuest ransomware in disguise that targets macOS users allows recovery of encrypted files, which would remain lost in lack of a backup. [...]

https://www.bleepingcomputer.com/news/security/thiefquest-info-stealing-mac-wiper-gets-free-decryptor/

DOJ indict Fxmsp hacker for selling access to hacked orgs, AV firms

The US Department of Justice has indicted a hacker known as 'Fxmsp' for hacking into and selling access to over three hundred organizations worldwide. [...]

https://www.bleepingcomputer.com/news/security/doj-indict-fxmsp-hacker-for-selling-access-to-hacked-orgs-av-firms/

Risky blogspot.in domain for sale after Google fails to renew it

Google's registration of the Blogspot domain expired recently, and the domain was immediately purchased by a domain service provider: [...]

https://www.bleepingcomputer.com/news/google/risky-blogspotin-domain-for-sale-after-google-fails-to-renew-it/

Microsoft fixes Word, Skype hangs in July Office 2020 updates

Microsoft released the July 2020 non-security Microsoft Office updates with improvements and fixes for issues impacting Windows Installer (MSI) editions of Office 2016 and Office 2013 products. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-word-skype-hangs-in-july-office-2020-updates/

NVIDIA fixes code execution bug in GeForce Experience software

NVIDIA has addressed a vulnerability in the Windows NVIDIA GeForce Experience (GFE) software that could allow local attackers to execute arbitrary code, trigger a denial of service (DoS) state, or access privileged information on unpatched systems. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-code-execution-bug-in-geforce-experience-software/

First look: Microsoft's Project Freta detects Linux malware for free

Microsoft Research has announced a cloud-based malware detection service called Project Freta to detect rootkits, cryptominers, and previously undetected malware strains lurking in your Linux cloud VM images. [...]

https://www.bleepingcomputer.com/news/security/first-look-microsofts-project-freta-detects-linux-malware-for-free/

Microsoft warns of Office 365 phishing via malicious OAuth apps

Microsoft warns that with the shift to remote working, customers are exposed to additional security threats such as consent phishing, besides conventional credential theft and email phishing attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-office-365-phishing-via-malicious-oauth-apps/

Palo Alto Networks fixes another severe flaw in PAN-OS devices

Palo Alto Networks (PAN) today addressed another severe vulnerability found in the PAN-OS GlobalProtect portal and affecting unpatched PAN next-generation firewalls. [...]

https://www.bleepingcomputer.com/news/security/palo-alto-networks-fixes-another-severe-flaw-in-pan-os-devices/

Over 15 billion credentials in circulation on hacker forums

At least 15 billion credentials are currently circulating on various hacker forums, giving cybercriminals fodder for account takeover attacks and identity renting services. [...]

https://www.bleepingcomputer.com/news/security/over-15-billion-credentials-in-circulation-on-hacker-forums/