Microsoft: Hackers using Zerologon exploits in attacks, patch now!

Microsoft has warned that attackers are actively using the Windows Server Zerologon exploits in attacks and advises all Windows administrators to install the necessary security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-hackers-using-zerologon-exploits-in-attacks-patch-now/

Instagram bug allowed crashing the app via image sent to device

Technical details about a high-severity vulnerability in Facebook's Instagram app for Android and iOS show how an attacker could exploit it to deny user access to the app, take full control of their account, or use their mobile device to spy on them. [...]

https://www.bleepingcomputer.com/news/security/instagram-bug-allowed-crashing-the-app-via-image-sent-to-device/

Scammers drain bank accounts using AnyDesk and SIM-swapping

Scammers with solid social engineering skills emptied the bank accounts of at least three victims by mixing into the con SIM-swapping and remote desktop software. [...]

https://www.bleepingcomputer.com/news/security/scammers-drain-bank-accounts-using-anydesk-and-sim-swapping/

Phishing attacks are targeting your social network accounts

Scammers are targeting your social network accounts with phishing emails that pretend to be copyright violations or promises of a shiny 'blue checkmark' next to your name. [...]

https://www.bleepingcomputer.com/news/security/phishing-attacks-are-targeting-your-social-network-accounts/

Microsoft Edge's new feature will reduce memory and CPU usage

Microsoft's sleeping tabs could improve memory usage by up to 26% and reduce CPU usage by up to 29%, which should also result in battery savings. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edges-new-feature-will-reduce-memory-and-cpu-usage/

Microsoft confirms Group Policy Editor bug in Windows Server 2016

Microsoft has confirmed that a bug in Windows 10 version 1607 and Windows Server 2016 is causing the Group Policy Editor to display errors. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-group-policy-editor-bug-in-windows-server-2016/

Mount Locker ransomware joins the multi-million dollar ransom game

​A new ransomware operation named Mount Locker is underway stealing victims' files before encrypting and then demanding multi-million dollar ransoms. [...]

https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-joins-the-multi-million-dollar-ransom-game/

The Windows XP source code was allegedly leaked online

The source code for Windows XP SP1 and other versions of the operating system was allegedly leaked online today. [...]

https://www.bleepingcomputer.com/news/microsoft/the-windows-xp-source-code-was-allegedly-leaked-online/

Microsoft disrupts nation-state hacker op using Azure Cloud service

In a report today, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyber attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-disrupts-nation-state-hacker-op-using-azure-cloud-service/

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache. [...]

https://www.bleepingcomputer.com/news/security/twitter-is-warning-devs-that-api-keys-and-tokens-may-have-leaked/

Apple fixes iPhone Wi-Fi and default apps issues in iOS 14.0.1

Apple has released iOS 14.0.1 to fix iPhone issues plaguing users since the release of iOS 14. [...]

https://www.bleepingcomputer.com/news/apple/apple-fixes-iphone-wi-fi-and-default-apps-issues-in-ios-1401/

Louis Vuitton fixes data leak and account takeover vulnerability

French fashion and luxury merchandise company Louis Vuitton has quietly patched a security vulnerability on its website that allowed for user account enumeration and even allowed account takeover via password resets. [...]

https://www.bleepingcomputer.com/news/security/louis-vuitton-fixes-data-leak-and-account-takeover-vulnerability/

The Week in Ransomware - September 25th 2020 - A Modern-Day Gold Rush

This week showed continued attacks against large organizations as new ransomware operations rush to join a modern-day ransomware gold rush. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-25th-2020-a-modern-day-gold-rush/

ThunderX ransomware silenced with release of a free decryptor

A decryptor for the ThunderX ransomware has been released by cybersecurity firm Tesorion that lets victims recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/thunderx-ransomware-silenced-with-release-of-a-free-decryptor/

Microsoft Weekly Roundup: Windows 10, Ignite 2020, bugs and fixes

This Windows 10 news report provides an overview of the latest features and improvements announced by Microsoft. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-weekly-roundup-windows-10-ignite-2020-bugs-and-fixes/

Tyler Technologies warns clients to change remote support passwords

Tyler Technologies is warning clients to change the passwords for the technology provider's remote access accounts after suspicious logins have been reported. [...]

https://www.bleepingcomputer.com/news/security/tyler-technologies-warns-clients-to-change-remote-support-passwords/

New Google ChromeOS updates cause 100% CPU usage, heating issues

Recent ChromeOS updates cause a Google Play Store service to utilize 100% of the CPU, making devices hot and experience performance issues. [...]

https://www.bleepingcomputer.com/news/google/new-google-chromeos-updates-cause-100-percent-cpu-usage-heating-issues/

Hands-on with Windows 10's new modern disk management tool

Windows 10's modern disk management tool is Microsoft's latest effort to migrate legacy tools into modern versions found in the Settings app. Earlier this year, Microsoft announced a new disk management tool that it calls a "modern" take on Windows 10's "snap-in" disk management tool. [...]

https://www.bleepingcomputer.com/news/microsoft/hands-on-with-windows-10s-new-modern-disk-management-tool/

REvil ransomware deposits $1 million in hacker recruitment drive

The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-deposits-1-million-in-hacker-recruitment-drive/

UHS hospitals hit by reported country-wide Ryuk ransomware attack

Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, has reportedly shut down systems at healthcare facilities around the US after a cyber-attack that hit its network during early Sunday morning. [...]

https://www.bleepingcomputer.com/news/security/uhs-hospitals-hit-by-reported-country-wide-ryuk-ransomware-attack/

Logistics giant CMA CGM goes offline to block malware attack

CMA CGM S.A., a French maritime transport and logistics giant, today disclosed a malware attack affecting some servers on the edge of its network. [...]

https://www.bleepingcomputer.com/news/security/logistics-giant-cma-cgm-goes-offline-to-block-malware-attack/