Windows Zerologon PoC exploits allow domain takeover. Patch Now!

Researchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now! [...]

https://www.bleepingcomputer.com/news/microsoft/windows-zerologon-poc-exploits-allow-domain-takeover-patch-now/

Outlook.com now lets you schedule emails for a later date

If you have ever wanted to schedule emails on Outlook for the Web (Outlook.com), you now easily do it from the web interface. [...]

https://www.bleepingcomputer.com/news/microsoft/outlookcom-now-lets-you-schedule-emails-for-a-later-date/

Staples' order tracking system led to exposing customer info

The reason for the recent notification from Staples to some of its customers about exposed order details was caused by insufficient protections for retrieving shopper information from current and past orders. [...]

https://www.bleepingcomputer.com/news/security/staples-order-tracking-system-led-to-exposing-customer-info/

LockBit ransomware launches data leak site to double-extort victims

The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-launches-data-leak-site-to-double-extort-victims/

This security awareness training email is actually a phishing scam

​A creative phishing campaign uses an email template that pretends to be a reminder to complete security awareness training from a well-known security company. [...]

https://www.bleepingcomputer.com/news/security/this-security-awareness-training-email-is-actually-a-phishing-scam/

University Hospital New Jersey hit by SunCrypt ransomware, data leaked

BleepingComputer can verify University Hospital New Jersey (UHNJ) has suffered from a massive data leak with over 48,000 documents floating on the dark web. [...]

https://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/

Windows 10 optional update KB4577062 (v1909/1903) released

As expected, Microsoft is rolling out the first batch of September optional updates for Windows 10 version 1909 and version 1903. The optional update includes general bug fixes and non-security improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-optional-update-kb4577062-v1909-1903-released/

Google Chrome is making it easier to reset compromised passwords

Google Chrome is adding a new feature that will make it easier for users to reset stored passwords that have been detected as compromised in data breaches. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-is-making-it-easier-to-reset-compromised-passwords/

Privacy-focused search engine DuckDuckGo is growing fast

DuckDuckGo, the privacy-focused search engine, announced that August 2020 ended in over 2 billion total searches via its search platform. [...]

https://www.bleepingcomputer.com/news/technology/privacy-focused-search-engine-duckduckgo-is-growing-fast/

Internet Explorer now warns of Adobe Flash's upcoming demise

When visiting sites hosting Flash content, Internet Explorer 11 will warn that Adobe Flash is no longer supported after December 2020. [...]

https://www.bleepingcomputer.com/news/microsoft/internet-explorer-now-warns-of-adobe-flashs-upcoming-demise/

U.S. charges Chinese Winnti hackers for attacking 100+ companies

The U.S. Department of Justice announced today charges against five Chinese nationals fort cyberattacks on more than 100 companies, some of them being attributed to state-backed hacking group APT41. [...]

https://www.bleepingcomputer.com/news/security/us-charges-chinese-winnti-hackers-for-attacking-100-plus-companies/

Drug spammers start using new technique to bypass spam filters

Actors behind a pill scam campaign are trying a new technique, betting on unconventional representation of URLs in spam messages to keep them undetected by email protection systems and URL block lists. [...]

https://www.bleepingcomputer.com/news/security/drug-spammers-start-using-new-technique-to-bypass-spam-filters/

US 2020 Presidential apps riddled with tracking and security flaws

Vote Joe app is the official app designed for engaging voters as a part of the Biden 2020 Presidential campaign. The app's API was found to be leaking data on a voter's political affiliations as predicted by Target Smart . [...]

https://www.bleepingcomputer.com/news/security/us-2020-presidential-apps-riddled-with-tracking-and-security-flaws/

Ransomware attack at German hospital leads to death of patient

A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/

Maze ransomware now encrypts via virtual machines to evade detection

The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-now-encrypts-via-virtual-machines-to-evade-detection/

Google Chrome's new feature will automatically group your tabs

With the next update for Chrome, Google is planning to automatically create a tab group if you open multiple tabs with the same domain. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-new-feature-will-automatically-group-your-tabs/

Hands on with iOS 14's new data breach notification feature

With the release of iOS 14, Apple has introduced a new feature that warns users when their stored passwords have been compromised in data breaches. [...]

https://www.bleepingcomputer.com/news/apple/hands-on-with-ios-14s-new-data-breach-notification-feature/

U.K. warns of surge in ransomware threats against education sector

The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks. [...]

https://www.bleepingcomputer.com/news/security/uk-warns-of-surge-in-ransomware-threats-against-education-sector/

Microsoft removes Windows Defender ability after security concerns

Microsoft has removed the ability to download files using Windows Defender after it was demonstrated how it could be used by attackers to download malware onto a computer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-defender-ability-after-security-concerns/

Leading U.S. laser developer IPG Photonics hit with ransomware

IPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a ransomware attack that is disrupting their operations. [...]

https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/

Windows 10 20H2 coming in October, final preview build released

Microsoft has officially announced the Windows 10 October 2020 Update and it'll begin rolling out to consumers in October. This new feature update comes with theme-aware Start Menu, Alt-Tab improvements, Chromium Edge pre-installed and bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-20h2-coming-in-october-final-preview-build-released/