Malware adds Any.Run sandbox detection to evade analysis

Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. [...]

https://www.bleepingcomputer.com/news/security/malware-adds-anyrun-sandbox-detection-to-evade-analysis/

Windows 10's Feedback Hub: A forum for political trolls, spammers

When Microsoft made the Feedback Hub universal app available to Windows 10 Insiders in March 2016 and generally available two months later, the plan was for the app to be the perfect tool for users to report issues and share suggestions on how to improve Windows experience for all customers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10s-feedback-hub-a-forum-for-political-trolls-spammers/

Microsoft Office 365 will add support for disposable emails

Microsoft will provide Office 365 customers with support for using disposable emails to make it simpler to manage their inboxes and to keep track of email campaigns. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-365-will-add-support-for-disposable-emails/

Microsoft extends security for Azure Storage file shares, data lakes

Microsoft today announced that advanced threat protection for Azure Storage now also allows customers to protect data stored in Azure Files file shares and Azure Data Lake Storage Gen2 API data stores. [...]

https://www.bleepingcomputer.com/news/security/microsoft-extends-security-for-azure-storage-file-shares-data-lakes/

LiveAuctioneers reports data breach after user records sold online

LiveAuctioneers has disclosed a data breach after a well-known data breach broker began selling 3.4 million stolen user records on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/liveauctioneers-reports-data-breach-after-user-records-sold-online/

New AgeLocker Ransomware uses Googler's utility to encrypt files

A new and targeted ransomware named AgeLocker utilizes the 'Age' encryption tool created by a Google employee to encrypt victim's files. [...]

https://www.bleepingcomputer.com/news/security/new-agelocker-ransomware-uses-googlers-utility-to-encrypt-files/

Critical SAP Recon flaw exposes thousands of systems to attacks

SAP patched a critical vulnerability affecting over 40,000 systems and found in the SAP NetWeaver Java versions 7.30 to 7.50, a core component of several solutions and products deployed in most SAP environments. [...]

https://www.bleepingcomputer.com/news/security/critical-sap-recon-flaw-exposes-thousands-of-systems-to-attacks/

Android chat app uses public code to spy, exposes user data

A chat application for Android claiming to be a secure messaging platform comes with spying functionality and stores user data in an unsecure location that is publicly available. [...]

https://www.bleepingcomputer.com/news/security/android-chat-app-uses-public-code-to-spy-exposes-user-data/

New GoldenHelper malware found in official Chinese tax software

A new backdoor dubbed GoldenHelper was discovered by Trustwave embedded within Golden Tax Invoicing Software, part of the Chinese government' Golden Tax Project and required for issuing invoices and paying value-add tax (VAT) taxes. [...]

https://www.bleepingcomputer.com/news/security/new-goldenhelper-malware-found-in-official-chinese-tax-software/

Adobe fixes critical bugs in Creative Cloud, Media Encoder

Adobe has released security updates to address four critical vulnerabilities that could allow attackers to execute arbitrary code and write arbitrary files on Windows devices running vulnerable versions of Creative Cloud, Adobe Download Manager, and Adobe Media Encoder. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-bugs-in-creative-cloud-media-encoder/

Hacker releases database of 270 million alleged Wattpad records

An allegedly stolen Wattpad database containing 270 million records were being sold in private sales for over $100,000. Now it is being offered for free on hacker forums. [...]

https://www.bleepingcomputer.com/news/security/hacker-releases-database-of-270-million-alleged-wattpad-records/

Windows 10 Cumulative Updates KB4565503 & KB4565483 Released

The July 2020 Patch Tuesday updates for Windows 10 version 2004 and later are now rolling out and you can download and install the latest security fixes by checking for updates in the Settings. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4565503-and-kb4565483-released/

Microsoft patches critical wormable SigRed bug in Windows DNS Server

A critical vulnerability that's been sitting in Microsoft's Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it. [...]

https://www.bleepingcomputer.com/news/security/microsoft-patches-critical-wormable-sigred-bug-in-windows-dns-server/

Microsoft July 2020 Patch Tuesday: 123 vulnerabilities, 18 Critical!

Today is Microsoft's July 2020 Patch Tuesday, and if you see Windows administrators cursing for no reason, now you know why! With the July 2020 Patch Tuesday security updates release, Microsoft has released one advisory for a tampering vulnerability in IIS and fixes for 123 vulnerabilities in Microsoft products. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2020-patch-tuesday-123-vulnerabilities-18-critical/

Windows 10 2004 servicing stack update fixes privilege escalation bug

Microsoft today released quality improvements and security updates to the Windows 10 servicing stack, a component designed to enable customers to receive and install Windows updates. [...]

https://www.bleepingcomputer.com/news/security/windows-10-2004-servicing-stack-update-fixes-privilege-escalation-bug/

Chrome 84 released with important security enhancements

Google has released Chrome 84 today, July 14th, 2020, to the Stable desktop channel, and it includes numerous security enhancements and new APIs for developers. [...]

https://www.bleepingcomputer.com/news/google/chrome-84-released-with-important-security-enhancements/

Microsoft fixes Windows 10 issue causing reboots, LSASS crashes

Microsoft today fixed a known issue that was causing Local Security Authority Subsystem Service (LSASS) crashes and forced system reboots on some Windows devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-issue-causing-reboots-lsass-crashes/

WhatsApp is down, users reporting worldwide outage

WhatsApp is down with users worldwide reporting problems connecting to the messaging platform. [...]

https://www.bleepingcomputer.com/news/software/whatsapp-is-down-users-reporting-worldwide-outage/

Microsoft Office July security updates patch critical RCE bugs

Microsoft released the July 2020 Office security updates with a total of 25 security updates and 5 cumulative updates for 7 different products, fixing 25 remote code execution (RCE) bugs that could allow remote attackers to execute arbitrary code on unpatched systeMicrosoft released the July 2020 Office security updates with a total [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-july-security-updates-patch-critical-rce-bugs/

Google Chrome ends Windows 10 memory optimization test after CPU hit

Google has stopped testing a Windows 10 memory optimization developed by Microsoft after finding it caused a performance hit in Google Chrome. [...]

https://www.bleepingcomputer.com/news/microsoft/google-chrome-ends-windows-10-memory-optimization-test-after-cpu-hit/

Microsoft removes Windows 10 2004 Thunderbolt dock update block

Microsoft is removing a Windows 10, version 2004 safeguard hold after resolving a known issue that was triggering blue screens and stop errors when plugging or unplugging Thunderbolt docks on some devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-10-2004-thunderbolt-dock-update-block/