LiveAuctioneers reports data breach after user records sold online

LiveAuctioneers has disclosed a data breach after a well-known data breach broker began selling 3.4 million stolen user records on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/liveauctioneers-reports-data-breach-after-user-records-sold-online/

New AgeLocker Ransomware uses Googler's utility to encrypt files

A new and targeted ransomware named AgeLocker utilizes the 'Age' encryption tool created by a Google employee to encrypt victim's files. [...]

https://www.bleepingcomputer.com/news/security/new-agelocker-ransomware-uses-googlers-utility-to-encrypt-files/

Critical SAP Recon flaw exposes thousands of systems to attacks

SAP patched a critical vulnerability affecting over 40,000 systems and found in the SAP NetWeaver Java versions 7.30 to 7.50, a core component of several solutions and products deployed in most SAP environments. [...]

https://www.bleepingcomputer.com/news/security/critical-sap-recon-flaw-exposes-thousands-of-systems-to-attacks/

Android chat app uses public code to spy, exposes user data

A chat application for Android claiming to be a secure messaging platform comes with spying functionality and stores user data in an unsecure location that is publicly available. [...]

https://www.bleepingcomputer.com/news/security/android-chat-app-uses-public-code-to-spy-exposes-user-data/

New GoldenHelper malware found in official Chinese tax software

A new backdoor dubbed GoldenHelper was discovered by Trustwave embedded within Golden Tax Invoicing Software, part of the Chinese government' Golden Tax Project and required for issuing invoices and paying value-add tax (VAT) taxes. [...]

https://www.bleepingcomputer.com/news/security/new-goldenhelper-malware-found-in-official-chinese-tax-software/

Adobe fixes critical bugs in Creative Cloud, Media Encoder

Adobe has released security updates to address four critical vulnerabilities that could allow attackers to execute arbitrary code and write arbitrary files on Windows devices running vulnerable versions of Creative Cloud, Adobe Download Manager, and Adobe Media Encoder. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-bugs-in-creative-cloud-media-encoder/

Hacker releases database of 270 million alleged Wattpad records

An allegedly stolen Wattpad database containing 270 million records were being sold in private sales for over $100,000. Now it is being offered for free on hacker forums. [...]

https://www.bleepingcomputer.com/news/security/hacker-releases-database-of-270-million-alleged-wattpad-records/

Windows 10 Cumulative Updates KB4565503 & KB4565483 Released

The July 2020 Patch Tuesday updates for Windows 10 version 2004 and later are now rolling out and you can download and install the latest security fixes by checking for updates in the Settings. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4565503-and-kb4565483-released/

Microsoft patches critical wormable SigRed bug in Windows DNS Server

A critical vulnerability that's been sitting in Microsoft's Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it. [...]

https://www.bleepingcomputer.com/news/security/microsoft-patches-critical-wormable-sigred-bug-in-windows-dns-server/

Microsoft July 2020 Patch Tuesday: 123 vulnerabilities, 18 Critical!

Today is Microsoft's July 2020 Patch Tuesday, and if you see Windows administrators cursing for no reason, now you know why! With the July 2020 Patch Tuesday security updates release, Microsoft has released one advisory for a tampering vulnerability in IIS and fixes for 123 vulnerabilities in Microsoft products. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2020-patch-tuesday-123-vulnerabilities-18-critical/

Windows 10 2004 servicing stack update fixes privilege escalation bug

Microsoft today released quality improvements and security updates to the Windows 10 servicing stack, a component designed to enable customers to receive and install Windows updates. [...]

https://www.bleepingcomputer.com/news/security/windows-10-2004-servicing-stack-update-fixes-privilege-escalation-bug/

Chrome 84 released with important security enhancements

Google has released Chrome 84 today, July 14th, 2020, to the Stable desktop channel, and it includes numerous security enhancements and new APIs for developers. [...]

https://www.bleepingcomputer.com/news/google/chrome-84-released-with-important-security-enhancements/

Microsoft fixes Windows 10 issue causing reboots, LSASS crashes

Microsoft today fixed a known issue that was causing Local Security Authority Subsystem Service (LSASS) crashes and forced system reboots on some Windows devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-issue-causing-reboots-lsass-crashes/

WhatsApp is down, users reporting worldwide outage

WhatsApp is down with users worldwide reporting problems connecting to the messaging platform. [...]

https://www.bleepingcomputer.com/news/software/whatsapp-is-down-users-reporting-worldwide-outage/

Microsoft Office July security updates patch critical RCE bugs

Microsoft released the July 2020 Office security updates with a total of 25 security updates and 5 cumulative updates for 7 different products, fixing 25 remote code execution (RCE) bugs that could allow remote attackers to execute arbitrary code on unpatched systeMicrosoft released the July 2020 Office security updates with a total [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-july-security-updates-patch-critical-rce-bugs/

Google Chrome ends Windows 10 memory optimization test after CPU hit

Google has stopped testing a Windows 10 memory optimization developed by Microsoft after finding it caused a performance hit in Google Chrome. [...]

https://www.bleepingcomputer.com/news/microsoft/google-chrome-ends-windows-10-memory-optimization-test-after-cpu-hit/

Microsoft removes Windows 10 2004 Thunderbolt dock update block

Microsoft is removing a Windows 10, version 2004 safeguard hold after resolving a known issue that was triggering blue screens and stop errors when plugging or unplugging Thunderbolt docks on some devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-10-2004-thunderbolt-dock-update-block/

Microsoft Outlook is crashing worldwide with 0xc0000005 errors

Microsoft Outlook is immediately crashing worldwide when users start the application, with 0xc0000005 errors being displayed in the Windows Event Viewer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-is-crashing-worldwide-with-0xc0000005-errors/

Cisco fixes critical pre-auth flaws allowing router takeover

Cisco today has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices that could lead to full device takeover. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-flaws-allowing-router-takeover/

Citrix: No breach, hacker stole business info from third party

Citrix has published an official statement to deny claims that the company's network was breached by a malicious actor who says that he was also able to steal customer information. [...]

https://www.bleepingcomputer.com/news/security/citrix-no-breach-hacker-stole-business-info-from-third-party/

Apple, Kanye, Gates, Bezos, more hacked in Twitter account crypto scam

Hackers are taking over high profile verified Twitter accounts to promote a cryptocurrency scam promising to give away up to 5,000 bitcoins to those sending between 0.1 BTC to 20 BTC to a "contribution" address. [...]

https://www.bleepingcomputer.com/news/security/apple-kanye-gates-bezos-more-hacked-in-twitter-account-crypto-scam/