Cisco fixes actively exploited bugs in carrier-grade routers

Cisco fixed two actively exploited memory exhaustion DoS vulnerabilities found in the IOS XR software that runs on multiple carrier-grade routers. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-actively-exploited-bugs-in-carrier-grade-routers/

Over 247K Exchange servers unpatched for actively exploited flaw

More than 247,000 Microsoft Exchange servers are to be patched against the CVE-2020-0688 post-auth remote code execution (RCE) vulnerability impacting all Exchange Server versions under support. [...]

https://www.bleepingcomputer.com/news/security/over-247k-exchange-servers-unpatched-for-actively-exploited-flaw/

Natwest and Malwarebytes team up to provide free virus protection

Customers of National Westminster (NatWest) Bank are now eligible to receive a free copy of Malwarebytes Premium subscription for up to 10 devices. [...]

https://www.bleepingcomputer.com/news/security/natwest-and-malwarebytes-team-up-to-provide-free-virus-protection/

Fake software crack sites used to push Exorcist 2.0 Ransomware

The threat actors behind the Exorcist 2.0 ransomware are using malicious advertising to redirect victims to fake software crack sites that distribute their malware. [...]

https://www.bleepingcomputer.com/news/security/fake-software-crack-sites-used-to-push-exorcist-20-ransomware/

Swiss watchmaker Swatch shuts down IT systems to stop cyberattack

Swiss watchmaker Swatch Group shut down its IT systems over the weekend after identifying a cyberattack targeting its organization. [...]

https://www.bleepingcomputer.com/news/security/swiss-watchmaker-swatch-shuts-down-it-systems-to-stop-cyberattack/

Blackbaud: Ransomware gang had access to banking info and passwords

Blackbaud, a leading US-based cloud computing provider, confirmed that the threat actors behind the May 2020 ransomware attack had access to unencrypted banking and login information, as well as social security numbers. [...]

https://www.bleepingcomputer.com/news/security/blackbaud-ransomware-gang-had-access-to-banking-info-and-passwords/

QNAP warns customers of recent wave of ransomware attacks

QNAP has issued an advisory about a recent wave of ransomware attacks targeting its NAS storage devices and encrypting files. [...]

https://www.bleepingcomputer.com/news/security/qnap-warns-customers-of-recent-wave-of-ransomware-attacks/

Windows XP and Server 2003 compiled from leaked source code

A Windows developer has successfully compiled both Windows XP and Windows Server 2003 from source code leaked online last week. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-xp-and-server-2003-compiled-from-leaked-source-code/

Microsoft adds Windows 10 storage health monitoring for NVMe SSDs

Starting with the latest Windows 10 build, the OS will alert users of any hardware issues affecting their NVMe (Non-Volatile Memory Express) Solid State Drives (SSDs) that could potentially lead to a risk of failure. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-windows-10-storage-health-monitoring-for-nvme-ssds/

Two charged for hacking NBA, NFL players' social media accounts

The US Department of Justice charged two men for their involvement in the fraudulent takeover of email and social media accounts owned by multiple National Football League (NFL) and the National Basketball Association (NBA) athletes. [...]

https://www.bleepingcomputer.com/news/security/two-charged-for-hacking-nba-nfl-players-social-media-accounts/

Microsoft pulls SQL Server 2019 update due to snapshot issues

Microsoft pulled the Cumulative Update package 7 (CU7) for SQL Server 2019 released on September 2 after confirming a known reliability issue impacting customers who used the database snapshot feature. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-sql-server-2019-update-due-to-snapshot-issues/

Chrome 86 for iOS fixes orientation bug that broke web page layouts

Google has released Chrome 86 for iOS today, and it fixes an annoying issue that caused a web page rendering issue after rotating the device to landscape and back to portrait. [...]

https://www.bleepingcomputer.com/news/google/chrome-86-for-ios-fixes-orientation-bug-that-broke-web-page-layouts/

Windows Subsystem for Linux 2 bypasses the Windows 10 Firewall

The Windows Subsystem for Linux 2 will bypass the Windows 10 firewall and any configured rules, raising security concerns for those who use the feature. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-2-bypasses-the-windows-10-firewall/

Microsoft launches Surface Laptop Go and Surface Pro X

Microsoft today unveiled the Surface Laptop Go with Windows 10 in S Mode and Surface Pro X with SQ2 processor and Windows 10 on ARM. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-launches-surface-laptop-go-and-surface-pro-x/

Spammers add random text to shortened links to evade detection

Spammers are using a new technique of adding random, unused text bits to shortened links to evade detection by humans and spam filters. [...]

https://www.bleepingcomputer.com/news/security/spammers-add-random-text-to-shortened-links-to-evade-detection/

Fake Threema, Telegram apps hide spyware for targeted attacks

Starting from a little-known malware sample, security researchers tracked down a new Android spyware distributed through fake messaging apps like Threema, Telegram, and WeMessage. [...]

https://www.bleepingcomputer.com/news/security/fake-threema-telegram-apps-hide-spyware-for-targeted-attacks/

Twitter is down with users seeing "Something went wrong" errors

Twitter users are currently experiencing issues around the world, with users unable to use the website and mobile apps. [...]

https://www.bleepingcomputer.com/news/technology/twitter-is-down-with-users-seeing-something-went-wrong-errors/

Hackers leak files stolen in Pakistan's K-Electric ransomware attack

The Netwalker ransomware operators have published the stolen data for K-Electric, Pakistan's largest private power company, after a ransom was not paid. [...]

https://www.bleepingcomputer.com/news/security/hackers-leak-files-stolen-in-pakistans-k-electric-ransomware-attack/

US govt warns of sanction risks for facilitating ransomware payments

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) today said that organizations that assist ransomware victims to make ransom payments are facing sanctions risks as their actions could violate OFAC regulations. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-of-sanction-risks-for-facilitating-ransomware-payments/

New service checks if your email was used in Emotet attacks

A new service has been launched that allows you to check if an email domain or address was in an Emotet spam campaign. [...]

https://www.bleepingcomputer.com/news/security/new-service-checks-if-your-email-was-used-in-emotet-attacks/

NVIDIA fixes high severity flaws in Windows display driver

NVIDIA has released security updates to address high severity vulnerabilities in the Windows GPU display driver that could lead to code execution, escalation of privileges, information disclosure, and denial of service. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaws-in-windows-display-driver/