Hackers use legit tool to take over Docker, Kubernetes platforms

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-legit-tool-to-take-over-docker-kubernetes-platforms/

Intel fixes critical flaw in corporate remote management platform

Intel today addressed nine security vulnerabilities with the release of the September 2020 Platform Update, one of them being a critical flaw impacting the Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms. [...]

https://www.bleepingcomputer.com/news/security/intel-fixes-critical-flaw-in-corporate-remote-management-platform/

Netwalker ransomware hits Pakistan's largest private power utility

K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. [...]

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/

Windows 10 2004 KB4571756 breaks Windows Subsystem for Linux 2

The Windows 10 KB4571756 security update released yesterday is reportedly breaking Microsoft's Windows Subsystem for Linux 2 (WSL2) compatibility layer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-kb4571756-breaks-windows-subsystem-for-linux-2/

Samsung fixes critical Android flaws with September updates

Samsung has rolled out September 2020 Android updates today on their Galaxy devices. These patch serious vulnerabilities along with enhancing the overall device functionality. [...]

https://www.bleepingcomputer.com/news/security/samsung-fixes-critical-android-flaws-with-september-updates/

Microsoft Office September security updates fix critical RCE bugs

Microsoft has released the September 2020 Office security updates with a total of 30 security updates and 5 cumulative updates for 7 different products, fixing 13 vulnerabilities that could enable remote attackers to execute arbitrary code on vulnerable systems. [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-september-security-updates-fix-critical-rce-bugs/

Vivaldi 3.3 can pause the web with new 'Take a Break' feature

Vivaldi browser 3.3 has been released, and with it comes a new feature that allows you to pause everything you are doing in your open browser tabs to take a break, free from distractions. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-33-can-pause-the-web-with-new-take-a-break-feature/

Leading US video delivery provider confirms ransomware attack

SeaChange International, a US-based leading supplier of video delivery software solutions, has confirmed a ransomware attack that disrupted its operations during the first quarter of 2020. [...]

https://www.bleepingcomputer.com/news/security/leading-us-video-delivery-provider-confirms-ransomware-attack/

Azure now installs security updates on Windows VMs automatically

Microsoft has announced a new Azure capability known as automatic VM guest patching and designed to automatically apply patch Windows virtual machines against newly discovered vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/azure-now-installs-security-updates-on-windows-vms-automatically/

Microsoft Edge now gives you more control of your downloads

Microsoft is porting a feature from Edge Classic that gives users more control over how they can download files in the browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-gives-you-more-control-of-your-downloads/

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

A vulnerability exists in certain implementations of Bluetooth 4.0 through 5.0 which allows an attacker to overwrite or lower the strength of the pairing key, giving them access to authenticated services. [...]

https://www.bleepingcomputer.com/news/security/blurtooth-vulnerability-lets-attackers-defeat-bluetooth-encryption/

ProLock ransomware increases payment demand and victim count

Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day. [...]

https://www.bleepingcomputer.com/news/security/prolock-ransomware-increases-payment-demand-and-victim-count/

New CDRThief malware steals VoIP metadata from Linux softswitches

Malware researchers discovered a new threat that they named CDRThief targeting a specific Voice over IP system to steal call data records (CDR) from telephone exchange equipment. [...]

https://www.bleepingcomputer.com/news/security/new-cdrthief-malware-steals-voip-metadata-from-linux-softswitches/

Office 365 phishing runs real-time check of stolen domain logins

Threat researchers investigating phishing attacks encountered a less common technique in spear-phishing aimed at a senior executive at a top American company. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-runs-real-time-check-of-stolen-domain-logins/

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. [...]

https://www.bleepingcomputer.com/news/security/equinix-data-center-giant-hit-by-netwalker-ransomware-45m-ransom/

Microsoft: Windows 10 1903 support ending in December 2020

Microsoft today reminded users that Windows 10, version 1903 (also known as the Windows 10 May 2019 Update) is reaching end of service on December 8, 2020, in an official announcement published on the Microsoft Lifecycle Policy site. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-1903-support-ending-in-december-2020/

Google Chrome's new Tab Groups feature now available for everyone

Google Chrome now comes with a new feature called "Tab Groups" that would make it a lot easier for Chrome users to stay organized. Google's new Tab Groups feature, which lets you organize active tabs into groups and improve your workflow, is now available for everyone in the latest version of Chrome. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-new-tab-groups-feature-now-available-for-everyone/

Windows 10 now lets you mount Linux ext4 filesystems in WSL 2

Windows 10 now allows you to mount physical disks formatted using the Linux ext4 filesystem in the Windows Subsystem for Linux 2. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-now-lets-you-mount-linux-ext4-filesystems-in-wsl-2/

Hackers are fighting a war over 300K vulnerable WordPress sites

Attackers who are actively exploiting a critical remote code execution flaw affecting over 600,000 of WordPress sites running vulnerable File Manager plugin versions have also been seen protecting the sites they compromise from other threat actors' attacks. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-fighting-a-war-over-300k-vulnerable-wordpress-sites/

Microsoft: State-backed hackers are targeting the 2020 US elections

Nation state-sponsored hacking groups operating from Russia, China, and Iran are targeting organizations and individuals involved in this year's U.S. presidential election according to Microsoft. [...]

https://www.bleepingcomputer.com/news/security/microsoft-state-backed-hackers-are-targeting-the-2020-us-elections/

SoftServe hit by ransomware, Windows customization tool exploited

Ukrainian software developer and IT services provider SoftServe suffered a ransomware attack on September 1st that may have led to the theft of customers' source code. [...]

https://www.bleepingcomputer.com/news/security/softserve-hit-by-ransomware-windows-customization-tool-exploited/