vBulletin fixes ridiculously easy to exploit zero-day RCE bug

A simple one-line exploit has been published for a zero-day pre-authentication remote code execution (RCE) vulnerability in the vBulletin forum software. [...]

https://www.bleepingcomputer.com/news/security/vbulletin-fixes-ridiculously-easy-to-exploit-zero-day-rce-bug/

Twitter experiencing issues sending account verification codes

Twitter is experiencing a worldwide service disruption preventing users from receiving account verification codes via text messages or phone calls. [...]

https://www.bleepingcomputer.com/news/technology/twitter-experiencing-issues-sending-account-verification-codes/

Citrix fixes critical bugs allowing takeover of XenMobile Servers

Citrix today fixed 5 vulnerabilities impacting multiple versions of Citrix Endpoint Management (CEM) on-premise instances, also known as XenMobile Server. [...]

https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-bugs-allowing-takeover-of-xenmobile-servers/

Adobe fixes critical code execution bugs in Acrobat and Reader

Adobe has released security updates for Adobe Acrobat, Reader, and Lightroom that fix a total of twenty-six vulnerabilities in the three programs. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-code-execution-bugs-in-acrobat-and-reader/

Colorado city forced to pay $45,000 ransom to decrypt files

The City of Lafayette in Colorado, USA has been forced to pay $45,000 after the City's devices were encrypted in July and they were unable to restore necessary files from backup. [...]

https://www.bleepingcomputer.com/news/security/colorado-city-forced-to-pay-45-000-ransom-to-decrypt-files/

Windows 10 Cumulative Updates KB4566782 & KB4565351 Released

Today is the second Tuesday of the month and August 2020 security updates are now available for all supported versions of Windows 10. As always, you can download and install the latest security fixes by checking for updates in the Settings. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4566782-and-kb4565351-released/

Microsoft August 2020 Patch Tuesday fixes 2 zero-days, 120 flaws

Today is Microsoft's August 2020 Patch Tuesday, and while this is just a typical day for most of you, Windows administrators around the world want to pull their hair out. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2020-patch-tuesday-fixes-2-zero-days-120-flaws/

Network intruders selling access to high-value companies

Breaching corporate networks and selling access to them is a business in and of itself. For many hackers, this is how they make their living, others do it forced by financial struggles to supplement their revenue. [...]

https://www.bleepingcomputer.com/news/security/network-intruders-selling-access-to-high-value-companies/

SANS infosec training org suffers data breach after phishing attack

The SANS cybersecurity training organization has suffered a data breach after one of their employees fell victim to a phishing attack. [...]

https://www.bleepingcomputer.com/news/security/sans-infosec-training-org-suffers-data-breach-after-phishing-attack/

SAP updates security note for critical RECON vulnerability

SAP today released its security patches for August, alerting of new critical and high-severity vulnerabilities in several of its products, mostly NetWeaver Application Server (AS). [...]

https://www.bleepingcomputer.com/news/security/sap-updates-security-note-for-critical-recon-vulnerability/

Dharma ransomware created a hacking toolkit to make cybercrime easy

The Darhma Ransomware-as-a-Service (RaaS) operation makes it easy for a wannabe cyber-criminal to get into the ransomware business by offering a toolkit that does almost everything for them. [...]

https://www.bleepingcomputer.com/news/security/dharma-ransomware-created-a-hacking-toolkit-to-make-cybercrime-easy/

Windows 10 to give power users more control over their GPUs

Microsoft will soon offer Windows 10 power users with multiple GPUs greater control over how they can use their graphics cards when running applications in Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-to-give-power-users-more-control-over-their-gpus/

Windows, IE11 zero-day vulnerabilities chained in targeted attack

An advanced threat actor exploited one of the two zero-day vulnerabilities that Microsoft patched on Tuesday in a targeted attack earlier this year. [...]

https://www.bleepingcomputer.com/news/security/windows-ie11-zero-day-vulnerabilities-chained-in-targeted-attack/

Windows 10 Tips apps will soon show new features in an update

Microsoft is adding a new post-update experience to Windows 10 that displays the prominent changes in a just installed update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-tips-apps-will-soon-show-new-features-in-an-update/

U.S. stock broker regulator FINRA warns of copycat phishing site

The U.S. Financial Industry Regulatory Authority (FINRA) is warning of copycat site impersonating them and potentially being used in phishing attacks. [...]

https://www.bleepingcomputer.com/news/security/us-stock-broker-regulator-finra-warns-of-copycat-phishing-site/

CISA alerts of phishing attack targeting SBA loan relief accounts

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released an alert about phishing attacks targeting various government organizations to steal logins for the Small Business Administration COVID-19 loan relief accounts. [...]

https://www.bleepingcomputer.com/news/security/cisa-alerts-of-phishing-attack-targeting-sba-loan-relief-accounts/

Stealthy RedCurl hackers steal corporate documents

For the past couple of years, a little known cyberespionage group has been conducting carefully planned attacks against victims in a wide geography to steal confidential corporate documents. [...]

https://www.bleepingcomputer.com/news/security/stealthy-redcurl-hackers-steal-corporate-documents/

Mekotio banking trojan imitates update alerts to steal Bitcoin

A versatile banking trojan targeting users in Latin America has been circulating in multiple countries including Mexico, Brazil, Chile, Spain, Peru, and Portugal. [...]

https://www.bleepingcomputer.com/news/security/mekotio-banking-trojan-imitates-update-alerts-to-steal-bitcoin/

NSA discloses new Russian-made Drovorub malware targeting Linux

The National Security Agency is warning about espionage operations from the Russian Intelligence Directorate (GRU) using a previously undisclosed Linux malware toolset called Drovorub. [...]

https://www.bleepingcomputer.com/news/security/nsa-discloses-new-russian-made-drovorub-malware-targeting-linux/

Surface Duo: All the Specs, Features, Software, Price and Release Date

Microsoft describes Surface Duo as the "next wave of mobile productivity" that will inspire "people to rethink what is possible with the device in their pocket". [...]

https://www.bleepingcomputer.com/news/microsoft/surface-duo-all-the-specs-features-software-price-and-release-date/

Hacker leaks data for U.S. gun exchange site on cybercrime forum

A hacker has released the databases of Utah-based gun exchange, hunting, and kratom sites for free on a cybercrime forum. [...]

https://www.bleepingcomputer.com/news/security/hacker-leaks-data-for-us-gun-exchange-site-on-cybercrime-forum/