Windows 10 Sandbox activation enables zero-day vulnerability

A reverse engineer discovered a new zero-day vulnerability in most Windows 10 editions that allows creating files in restricted areas of the operating system. [...]

https://www.bleepingcomputer.com/news/security/windows-10-sandbox-activation-enables-zero-day-vulnerability/

Ransomware gang says they are behind Newcastle University attack

UK research university Newcastle University says that it will take several weeks to get IT services back online after DoppelPaymer ransomware operators breached its network and took systems offline on the morning of August 30th. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gang-says-they-are-behind-newcastle-university-attack/

France warns of Emotet attacking companies, administration

The French national cyber-security agency today published an alert warning of a surge in Emotet attacks targeting the private sector and public administrations throughout the country. [...]

https://www.bleepingcomputer.com/news/security/france-warns-of-emotet-attacking-companies-administration/

Microsoft fixes Windows 10 bug causing excessive SSD defragging

Microsoft has fixed a bug in the Windows 10 version 2004 defragger that caused SSD drives to be defragmented too often. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-bug-causing-excessive-ssd-defragging/

Adobe fixes critical vulnerabilities in InDesign and Framemaker

Adobe has released security updates to address twelve critical vulnerabilities that could potentially make it possible for attackers to execute arbitrary code on devices running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-indesign-and-framemaker/

Google Chrome starts blocking ads that slow down the browser

Google is rolling out a new feature that allows the Google Chrome web browser to automatically unload web ads that use a disproportionate amount of system resources as part of an effort to reduce the browser's network and CPU footprint. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-starts-blocking-ads-that-slow-down-the-browser/

Ransomware delays first day of school for Hartford, Connecticut

The Hartford School District in Connecticut has postponed their first day of school as they struggle with getting systems restored and running after a Labor Day holiday weekend ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/ransomware-delays-first-day-of-school-for-hartford-connecticut/

Windows 10 Cumulative Updates KB4571756 & KB4574727 Released

Today is the second Tuesday of September 2020 and important security updates/cumulative or 'B' updates are now available for all supported versions of Windows 10. As always, the updates are available for installation when you check for updates in the Settings and click on 'Download and install now' button. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4571756-and-kb4574727-released/

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities

Today is Microsoft's September 2020 Patch Tuesday, and your Windows administrators will be scrambling as they install updates and try to resolve bugs caused by them. Be nice! [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2020-patch-tuesday-fixes-129-vulnerabilities/

Windows 10 starts bundling servicing stack updates with cumulative updates

Microsoft has released quality improvements to the Windows 10 servicing stack, the OS component that enables customers to receive and install Windows updates. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-starts-bundling-servicing-stack-updates-with-cumulative-updates/

Hackers use legit tool to take over Docker, Kubernetes platforms

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-legit-tool-to-take-over-docker-kubernetes-platforms/

Intel fixes critical flaw in corporate remote management platform

Intel today addressed nine security vulnerabilities with the release of the September 2020 Platform Update, one of them being a critical flaw impacting the Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms. [...]

https://www.bleepingcomputer.com/news/security/intel-fixes-critical-flaw-in-corporate-remote-management-platform/

Netwalker ransomware hits Pakistan's largest private power utility

K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. [...]

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/

Windows 10 2004 KB4571756 breaks Windows Subsystem for Linux 2

The Windows 10 KB4571756 security update released yesterday is reportedly breaking Microsoft's Windows Subsystem for Linux 2 (WSL2) compatibility layer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-kb4571756-breaks-windows-subsystem-for-linux-2/

Samsung fixes critical Android flaws with September updates

Samsung has rolled out September 2020 Android updates today on their Galaxy devices. These patch serious vulnerabilities along with enhancing the overall device functionality. [...]

https://www.bleepingcomputer.com/news/security/samsung-fixes-critical-android-flaws-with-september-updates/

Microsoft Office September security updates fix critical RCE bugs

Microsoft has released the September 2020 Office security updates with a total of 30 security updates and 5 cumulative updates for 7 different products, fixing 13 vulnerabilities that could enable remote attackers to execute arbitrary code on vulnerable systems. [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-september-security-updates-fix-critical-rce-bugs/

Vivaldi 3.3 can pause the web with new 'Take a Break' feature

Vivaldi browser 3.3 has been released, and with it comes a new feature that allows you to pause everything you are doing in your open browser tabs to take a break, free from distractions. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-33-can-pause-the-web-with-new-take-a-break-feature/

Leading US video delivery provider confirms ransomware attack

SeaChange International, a US-based leading supplier of video delivery software solutions, has confirmed a ransomware attack that disrupted its operations during the first quarter of 2020. [...]

https://www.bleepingcomputer.com/news/security/leading-us-video-delivery-provider-confirms-ransomware-attack/

Azure now installs security updates on Windows VMs automatically

Microsoft has announced a new Azure capability known as automatic VM guest patching and designed to automatically apply patch Windows virtual machines against newly discovered vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/azure-now-installs-security-updates-on-windows-vms-automatically/

Microsoft Edge now gives you more control of your downloads

Microsoft is porting a feature from Edge Classic that gives users more control over how they can download files in the browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-gives-you-more-control-of-your-downloads/

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

A vulnerability exists in certain implementations of Bluetooth 4.0 through 5.0 which allows an attacker to overwrite or lower the strength of the pairing key, giving them access to authenticated services. [...]

https://www.bleepingcomputer.com/news/security/blurtooth-vulnerability-lets-attackers-defeat-bluetooth-encryption/