How to use Windows 10 File History to make secure backups

With File History feature on Windows, you can back up copies of files that are in the Documents, Music, Pictures, Videos, and Desktop folders. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-windows-10-file-history-to-make-secure-backups/

Critical SIGred Windows DNS bug gets micropatch after PoCs released

The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license. [...]

https://www.bleepingcomputer.com/news/security/critical-sigred-windows-dns-bug-gets-micropatch-after-pocs-released/

Windows 10 Store 'wsreset' tool lets attackers bypass antivirus

A technique that exploits Windows 10 Microsoft Store called 'wsreset.exe' can delete files to bypass antivirus protection on a host without being detected. [...]

https://www.bleepingcomputer.com/news/security/windows-10-store-wsreset-tool-lets-attackers-bypass-antivirus/

Microsoft investigating Windows 10 2004 'No Internet' bug, how to fix

Microsoft is investigating a known issue where Windows 10 2004 customers might see "No Internet access" tray indicators even though their devices are connected to the Internet. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-2004-no-internet-bug-how-to-fix/

Office 365 adds new security configuration analysis feature

Microsoft is working on a new Office 365 Advanced Threat Protection (ATP) feature which will make it easy to determine your security policies settings' effectiveness when compared to recommended settings. [...]

https://www.bleepingcomputer.com/news/security/office-365-adds-new-security-configuration-analysis-feature/

Coinbase blocked Twitter hackers from stealing an extra $280K

Coinbase says that it was able to block its customers from sending approximately $280,000 to the Twitter hackers who, last week, took over high-profile accounts to push a massive bitcoin scam. [...]

https://www.bleepingcomputer.com/news/security/coinbase-blocked-twitter-hackers-from-stealing-an-extra-280k/

Emotet-TrickBot malware duo is back infecting Windows machines

After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. [...]

https://www.bleepingcomputer.com/news/security/emotet-trickbot-malware-duo-is-back-infecting-windows-machines/

Microsoft will disable insecure TLS in Office 365 on Oct 15

Microsoft has set the official retirement date for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in Office 365 starting with October 15, 2020, after temporarily halting deprecation enforcement for commercial customers due to COVID-19. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-disable-insecure-tls-in-office-365-on-oct-15/

Lorien Health Services discloses ransomware attack affecting nearly 50,000

Lorien Health Services in Maryland announced that it was the victim of a ransomware incident in early June. Data was stolen and then encrypted during the incident. [...]

https://www.bleepingcomputer.com/news/security/lorien-health-services-discloses-ransomware-attack-affecting-nearly-50-000/

Phishing campaign uses Google Cloud Services to steal Office 365 logins

Fraudsters looking to collect login details are increasingly turning to public cloud services to host lure documents and phishing pages, making it more difficult for targets to detect the attack. [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-cloud-services-to-steal-office-365-logins/

Adobe Photoshop gets fixes for critical security vulnerabilities

Adobe has released security updates to address twelve critical vulnerabilities in Adobe Photoshop, Adobe Prelude, and Adobe Bridge that could allow attackers to execute arbitrary code on Windows devices. [...]

https://www.bleepingcomputer.com/news/security/adobe-photoshop-gets-fixes-for-critical-security-vulnerabilities/

DeepSource resets logins after employee falls for Sawfish phishing

GitHub notified DeepSource earlier this month of detecting malicious activity related to the startup's GitHub app after one of their employees fell victim to the Sawfish phishing campaign. [...]

https://www.bleepingcomputer.com/news/security/deepsource-resets-logins-after-employee-falls-for-sawfish-phishing/

Outlook affected by one-minute startup delays on Windows 10

Microsoft says that Outlook might take a minute to start and display the splash screen on devices running Windows 10, version 1809 or later if User Experience Virtualization (UE-V) is enabled. [...]

https://www.bleepingcomputer.com/news/microsoft/outlook-affected-by-one-minute-startup-delays-on-windows-10/

US indicts hackers working with China's Ministry of State Security

Two hackers working with China's Ministry of State Security were charged with hacking into computer systems of government organizations and companies in the United States and around the world, stealing terabytes of data in the process. [...]

https://www.bleepingcomputer.com/news/security/us-indicts-hackers-working-with-chinas-ministry-of-state-security/

Malwarebytes fixes bug causing Windows 10 2004 performance issues

Malwarebytes has fixed bugs in the latest beta version of their software that were causing performance issues in Windows 10 2004. [...]

https://www.bleepingcomputer.com/news/microsoft/malwarebytes-fixes-bug-causing-windows-10-2004-performance-issues/

Emotet botnet is now heavily spreading QakBot malware

Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload. [...]

https://www.bleepingcomputer.com/news/security/emotet-botnet-is-now-heavily-spreading-qakbot-malware/

Microsoft Edge gets new features on desktop and mobile

As part of the July update, Microsoft Edge for Windows, macOS, Android and iOS is getting Collections on mobile and slew of other improvements. The new features for Microsoft Edge were announced and highlighted during Microsoft's online Inspire developer conference. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-gets-new-features-on-desktop-and-mobile/

Microsoft 365 adds endpoint data leak protection in public preview

Microsoft announced today the extension of Data Loss Prevention (Endpoint DLP) to Microsoft 365 customers' endpoints, making it easier for organizations to prevent data leaks, inappropriate or unintentional data sharing or transfer, and other similar risks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-adds-endpoint-data-leak-protection-in-public-preview/

Windows 10 KB4559004 released to fix broken wireless LTE connectivity

Microsoft released the KB4559004 non-security preview cumulative update with a fix for an issue that caused Windows 10 computers with wireless wide area network (WWAN) LTE modems to lose Internet connectivity after installing the May KB4556799 update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4559004-released-to-fix-broken-wireless-lte-connectivity/

New ‘Meow’ attack has wiped dozens of unsecured databases

Dozens of unsecured databases exposed on the public web are the target of an automated 'meow' attack that wipes data without any explanation. [...]

https://www.bleepingcomputer.com/news/security/new-meow-attack-has-wiped-dozens-of-unsecured-databases/

US offers $2 million for info on Ukrainians charged for SEC hack

The U.S. Department of State today announced rewards of up to $1 million for information that would lead to the arrest or conviction of Ukrainian nationals Artem Viacheslavovich Radchenko and Oleksandr Vitalyevich Ieremenko. [...]

https://www.bleepingcomputer.com/news/security/us-offers-2-million-for-info-on-ukrainians-charged-for-sec-hack/