Windows 10 Cumulative Updates KB4565503 & KB4565483 Released

The July 2020 Patch Tuesday updates for Windows 10 version 2004 and later are now rolling out and you can download and install the latest security fixes by checking for updates in the Settings. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4565503-and-kb4565483-released/

Microsoft patches critical wormable SigRed bug in Windows DNS Server

A critical vulnerability that's been sitting in Microsoft's Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it. [...]

https://www.bleepingcomputer.com/news/security/microsoft-patches-critical-wormable-sigred-bug-in-windows-dns-server/

Microsoft July 2020 Patch Tuesday: 123 vulnerabilities, 18 Critical!

Today is Microsoft's July 2020 Patch Tuesday, and if you see Windows administrators cursing for no reason, now you know why! With the July 2020 Patch Tuesday security updates release, Microsoft has released one advisory for a tampering vulnerability in IIS and fixes for 123 vulnerabilities in Microsoft products. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2020-patch-tuesday-123-vulnerabilities-18-critical/

Windows 10 2004 servicing stack update fixes privilege escalation bug

Microsoft today released quality improvements and security updates to the Windows 10 servicing stack, a component designed to enable customers to receive and install Windows updates. [...]

https://www.bleepingcomputer.com/news/security/windows-10-2004-servicing-stack-update-fixes-privilege-escalation-bug/

Chrome 84 released with important security enhancements

Google has released Chrome 84 today, July 14th, 2020, to the Stable desktop channel, and it includes numerous security enhancements and new APIs for developers. [...]

https://www.bleepingcomputer.com/news/google/chrome-84-released-with-important-security-enhancements/

Microsoft fixes Windows 10 issue causing reboots, LSASS crashes

Microsoft today fixed a known issue that was causing Local Security Authority Subsystem Service (LSASS) crashes and forced system reboots on some Windows devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-issue-causing-reboots-lsass-crashes/

WhatsApp is down, users reporting worldwide outage

WhatsApp is down with users worldwide reporting problems connecting to the messaging platform. [...]

https://www.bleepingcomputer.com/news/software/whatsapp-is-down-users-reporting-worldwide-outage/

Microsoft Office July security updates patch critical RCE bugs

Microsoft released the July 2020 Office security updates with a total of 25 security updates and 5 cumulative updates for 7 different products, fixing 25 remote code execution (RCE) bugs that could allow remote attackers to execute arbitrary code on unpatched systeMicrosoft released the July 2020 Office security updates with a total [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-july-security-updates-patch-critical-rce-bugs/

Google Chrome ends Windows 10 memory optimization test after CPU hit

Google has stopped testing a Windows 10 memory optimization developed by Microsoft after finding it caused a performance hit in Google Chrome. [...]

https://www.bleepingcomputer.com/news/microsoft/google-chrome-ends-windows-10-memory-optimization-test-after-cpu-hit/

Microsoft removes Windows 10 2004 Thunderbolt dock update block

Microsoft is removing a Windows 10, version 2004 safeguard hold after resolving a known issue that was triggering blue screens and stop errors when plugging or unplugging Thunderbolt docks on some devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-10-2004-thunderbolt-dock-update-block/

Microsoft Outlook is crashing worldwide with 0xc0000005 errors

Microsoft Outlook is immediately crashing worldwide when users start the application, with 0xc0000005 errors being displayed in the Windows Event Viewer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-is-crashing-worldwide-with-0xc0000005-errors/

Cisco fixes critical pre-auth flaws allowing router takeover

Cisco today has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices that could lead to full device takeover. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-pre-auth-flaws-allowing-router-takeover/

Citrix: No breach, hacker stole business info from third party

Citrix has published an official statement to deny claims that the company's network was breached by a malicious actor who says that he was also able to steal customer information. [...]

https://www.bleepingcomputer.com/news/security/citrix-no-breach-hacker-stole-business-info-from-third-party/

Apple, Kanye, Gates, Bezos, more hacked in Twitter account crypto scam

Hackers are taking over high profile verified Twitter accounts to promote a cryptocurrency scam promising to give away up to 5,000 bitcoins to those sending between 0.1 BTC to 20 BTC to a "contribution" address. [...]

https://www.bleepingcomputer.com/news/security/apple-kanye-gates-bezos-more-hacked-in-twitter-account-crypto-scam/

PoC exploits released for SAP Recon vulnerabilities, patch now!

Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices. [...]

https://www.bleepingcomputer.com/news/security/poc-exploits-released-for-sap-recon-vulnerabilities-patch-now/

Scammers hacked Twitter and hijacked accounts using admin tool

Hackers were able to hijack dozens of high-profile Twitter accounts on Wednesday after gaining access to internal user administration tools and systems. [...]

https://www.bleepingcomputer.com/news/security/scammers-hacked-twitter-and-hijacked-accounts-using-admin-tool/

Russian hackers target COVID-19 vaccine research with custom malware

Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-target-covid-19-vaccine-research-with-custom-malware/

New Android malware steals your dating and social accounts

A new Android banking trojan dubbed BlackRock steals credentials and credit card information from a list of 337 apps many of them used for many non-financial purposes. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-steals-your-dating-and-social-accounts/

Orange confirms ransomware attack exposing business customers' data

Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers. [...]

https://www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/

T-Mobile announces free Scam Shield robocall and scam protection

T-Mobile today announced the launch of the new Scam Shield service on July 24, a service that will provide T-Mobile, Metro, and Sprint customers with free Scam ID, Scam Block, and Caller ID anti-scam protection. [...]

https://www.bleepingcomputer.com/news/security/t-mobile-announces-free-scam-shield-robocall-and-scam-protection/

Federal agencies told to patch wormable Windows DNS bug in 24 hours

The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS Server wormable remote code execution (RCE) vulnerability within 24 hours. [...]

https://www.bleepingcomputer.com/news/security/federal-agencies-told-to-patch-wormable-windows-dns-bug-in-24-hours/