Twitter for Android vulnerability gave access to direct messages

Twitter today announced that it fixed a security vulnerability in the Twitter for Android app that could have allowed attackers to gain access to users' private Twitter data including direct messages. [...]

https://www.bleepingcomputer.com/news/security/twitter-for-android-vulnerability-gave-access-to-direct-messages/

Canon hit by Maze Ransomware attack, 10TB data allegedly stolen

​Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, cloud photo and video storage service, and other internal applications. [...]

https://www.bleepingcomputer.com/news/security/canon-hit-by-maze-ransomware-attack-10tb-data-allegedly-stolen/

Google to pay $7.5M in class action settlement. That's $5 a victim.

As confirmed by BleepingComputer, users today are receiving emails titled, "Notice of Class Action Settlement re Google Plus..." that offer details on the two-year class-action lawsuit Google had been litigating because of the Google+ data leak. [...]

https://www.bleepingcomputer.com/news/google/google-to-pay-75m-in-class-action-settlement-thats-5-a-victim/

Microsoft releases Windows 10 Version 2004 security baseline

Microsoft announced the final version of its security configuration baseline settings for Windows 10, version 2004 and Windows Server, version 2004, downloadable today using the Microsoft Security Compliance Toolkit. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-windows-10-version-2004-security-baseline/

Microsoft adds Windows 10 DNS over HTTPS settings section

Microsoft has announced that Windows 10 customers can now configure DNS over HTTPS (DoH) directly from the Settings app starting with the release of Windows 10 Insider Preview Build 20185 to Windows Insiders in the Dev Channel. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-windows-10-dns-over-https-settings-section/

ProtonVPN: US servers downed in warzone for Call of Duty updates

Most of the U.S. ProtonVPN servers are under high load as users worldwide battle to be the first to download the latest Call of Duty: Warzone update. [...]

https://www.bleepingcomputer.com/news/software/protonvpn-us-servers-downed-in-warzone-for-call-of-duty-updates/

Microsoft fixes 'No Internet' bug in latest Windows 10 Dev build

Microsoft today fixed the "No Internet access" known issue affecting Windows 10 2004 devices with the release of Windows 10 Build 20185 for Windows Insiders in the Dev Channel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-no-internet-bug-in-latest-windows-10-dev-build/

Microsoft now lets you run Android apps in Windows 10

Microsoft has announced a new feature that allows Windows 10 users running Insider builds to launch their Android apps directly in Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-you-run-android-apps-in-windows-10/

Google Home erroneous update reveals the $450 million ADT deal

What happens when your old budget smoke alarm suddenly becomes Google "smart"? [...]

https://www.bleepingcomputer.com/news/google/google-home-erroneous-update-reveals-the-450-million-adt-deal/

Office 365 services will drop support for older Office clients

Microsoft says that Office 365 (and Microsoft 365) services including Exchange Online, SharePoint Online, and OneDrive for Business will provide connectivity support for a smaller number of Office clients starting with October 13, 2020. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-services-will-drop-support-for-older-office-clients/

Google banned 2500+ Chinese YouTube channels for disinformation

Google says that it took down multiple coordinated influence operation campaigns linked to China, Russia, Iran, and Tunisia by terminating thousands of YouTube channels and several AdSense, Play Developer, and advertising accounts. [...]

https://www.bleepingcomputer.com/news/google/google-banned-2500-chinese-youtube-channels-for-disinformation/

Hackers abuse lookalike domains and favicons for credit card theft

Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. [...]

https://www.bleepingcomputer.com/news/security/hackers-abuse-lookalike-domains-and-favicons-for-credit-card-theft/

Unpatched bug in Windows print spooler lets malware run as admin

Researchers found a way to bypass a patch Microsoft released to address a bug in the Windows printing services, which gives attackers a path to executing malicious code with elevated privileges. [...]

https://www.bleepingcomputer.com/news/security/unpatched-bug-in-windows-print-spooler-lets-malware-run-as-admin/

Canon confirms ransomware attack in internal memo

​Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, cloud photo and video storage service, and other internal applications. [...]

https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo/

KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips

Qualcomm and MediaTek Wi-Fi chips were found to have been impacted by new variants of the KrØØk information disclosure vulnerability discovered by ESET researchers Robert Lipovský and Štefan Svorenčík. [...]

https://www.bleepingcomputer.com/news/security/kr-k-attack-variants-impact-qualcomm-mediatek-wi-fi-chips/

Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs

Several security vulnerabilities found in Qualcomm's Snapdragon chip Digital Signal Processor (DSP) chip could allow attackers to take control of almost 40% of all smartphones, spy on their users, and create un-removable malware capable of evading detection. [...]

https://www.bleepingcomputer.com/news/security/nearly-50-percent-of-all-smartphones-affected-by-qualcomm-snapdragon-bugs/

Intel leak: 20GB of source code and internal docs, backdoors mentioned

Classified and confidential documents from U.S. chipmaker Intel, apparently resulting from a breach, have been uploaded earlier today to a public file sharing service. [...]

https://www.bleepingcomputer.com/news/security/intel-leak-20gb-of-source-code-and-internal-docs-backdoors-mentioned/

Chromium browser sneaked through review, released on Microsoft Store

You can now download and install an old version of the open source Chromium browser directly from the Windows 10 Microsoft Store. [...]

https://www.bleepingcomputer.com/news/microsoft/chromium-browser-sneaked-through-review-released-on-microsoft-store/

TeamViewer fixes bug that lets attackers access your PC

Popular remote access and troubleshooting app, TeamViewer has patched a vulnerability that could let attackers quietly establish a connection to your computer and further exploit the system. [...]

https://www.bleepingcomputer.com/news/security/teamviewer-fixes-bug-that-lets-attackers-access-your-pc/

CCleaner fixes bug that wipes Firefox extension settings

Piriform released CCleaner 5.70 to address a bug that was causing the app to wipe settings for Firefox extensions installed after upgrading to Firefox 79 when cleaning the web browser's Internet cache. [...]

https://www.bleepingcomputer.com/news/software/ccleaner-fixes-bug-that-wipes-firefox-extension-settings/

Reddit hit by coordinated hack promoting Trump's reelection

Multiple Reddit subreddits have been defaced during the last 24 hours, with the attackers behind this incident posting pro-Trump messages and changing the subreddits' themes to show content supporting Trump's 2020 campaign. [...]

https://www.bleepingcomputer.com/news/security/reddit-hit-by-coordinated-hack-promoting-trumps-reelection/