Maze ransomware shuts down operations, denies creating cartel

The Maze ransomware gang announced today that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-shuts-down-operations-denies-creating-cartel/

Microsoft is investigating lost Windows 10 certificates issue

Microsoft is investigating a known issue leading to missing system and user certificates after updating certain Windows 10 systems using outdated installation media through update management tools, physical media, or ISO images. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-investigating-lost-windows-10-certificates-issue/

GitHub threatens to ban users who bypass YouTube-dl takedown

GitHub has issued a warning that accounts could be banned if they continue to upload content that was removed due to DMCA takedown notices. [...]

https://www.bleepingcomputer.com/news/software/github-threatens-to-ban-users-who-bypass-youtube-dl-takedown/

Microsoft: Windows 10 1809 reaches end of service next week

Microsoft today reminded customers that some editions of Windows 10, version 1809 (also known as the October 2018 Update) will reach its end of service next week. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-1809-reaches-end-of-service-next-week/

Oracle issues emergency patch for critical WebLogic Server flaw

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. [...]

https://www.bleepingcomputer.com/news/security/oracle-issues-emergency-patch-for-critical-weblogic-server-flaw/

Google patches one more actively exploited Chrome zero-day

Google today released Chrome 86.0.4240.183 for Windows, Mac, and Linux to address 10 security vulnerabilities impacting the web browser, including a zero-day bug exploited in the wild. [...]

https://www.bleepingcomputer.com/news/security/google-patches-one-more-actively-exploited-chrome-zero-day/

GitHub breaks site layout after forgetting to renew certificate

This morning, GitHub's pristine layout vanished in what looks like a miss on the company's part in renewing an SSL certificate. The expired certificate prevented numerous resources like images, JavaScript, and CSS stylesheets from loading correctly on GitHub. [...]

https://www.bleepingcomputer.com/news/security/github-breaks-site-layout-after-forgetting-to-renew-certificate/

Microsoft Tips app leaks Windows 10's upcoming rounded corners

The Microsoft Tips app has leaked more evidence that Microsoft is working on rounded corners for Windows 10 windows. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tips-app-leaks-windows-10s-upcoming-rounded-corners/

Privacy-focused Brave browser grew over 130% in the past year

Brave Browser, the privacy-focused web browser, announced today that it grew in usage by over 130% in its first year of the release of its 'Stable' version. [...]

https://www.bleepingcomputer.com/news/software/privacy-focused-brave-browser-grew-over-130-percent-in-the-past-year/

Blackbaud sued in 23 class action lawsuits after ransomware attack

Leading cloud software provider Blackbaud has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack that the company suffered in May 2020. [...]

https://www.bleepingcomputer.com/news/security/blackbaud-sued-in-23-class-action-lawsuits-after-ransomware-attack/

Adobe fixes critical security vulnerabilities in Acrobat, Reader

Adobe has released security updates to address critical severity vulnerabilities affecting Adobe Acrobat and Reader for Windows and macOS that could enable attackers to execute arbitrary code on vulnerable devices. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-security-vulnerabilities-in-acrobat-reader/

Windows 7 won't die, still second most popular operating system

The data analysts firm NetMarketShare revealed that Windows 10 has seen another uptake in users and it went up to 64.04% from 61.26% last month. Linux (multiple distros) went from 1.14% to 1.65% and Ubuntu now holds a market share of 0.51% [...]

https://www.bleepingcomputer.com/news/microsoft/windows-7-wont-die-still-second-most-popular-operating-system/

SaltStack reveals new critical vulnerabilities, patch now

SaltStack has released information on 3 vulnerabilities. 2 being critical, impacting Salt versions 3002 and prior. Users are encouraged to patch their Salt instances immediately. [...]

https://www.bleepingcomputer.com/news/security/saltstack-reveals-new-critical-vulnerabilities-patch-now/

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers' personal info with multiple technology giants. [...]

https://www.bleepingcomputer.com/news/security/folksam-data-breach-leaks-info-of-1m-swedes-to-google-facebook-more/

New RegretLocker ransomware targets Windows virtual machines

A new ransomware called RegretLocker uses a variety of advanced features that allows it to encrypt virtual hard drives and close open files for encryption. [...]

https://www.bleepingcomputer.com/news/security/new-regretlocker-ransomware-targets-windows-virtual-machines/

Leading toy maker Mattel hit by ransomware

​Toy industry giant Mattel disclosed that they suffered a ransomware attack in July that impacted some of its business functions but did not lead to data theft. [...]

https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/

Someone just emptied out a $1 billion BitCoin wallet

A password-protected cryptocurrency wallet with almost a billion dollar-worth of BitCoins has just been emptied out. Mystery surrounds the party who finally managed to cash out the big fat amount: was it the owner themselves, or did someone crack this wallet? [...]

https://www.bleepingcomputer.com/news/security/someone-just-emptied-out-a-1-billion-bitcoin-wallet/

Sneaky Office 365 phishing inverts images to evade detection

A creative Office 365 phishing campaign has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by crawlers designed to spot phishing sites. [...]

https://www.bleepingcomputer.com/news/security/sneaky-office-365-phishing-inverts-images-to-evade-detection/

Microsoft outage breaks sites, Windows Store, Xbox, and other services

Microsoft is experiencing an outage that causes website content not to display correctly and for the Microsoft Store app to fail to load. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outage-breaks-sites-windows-store-xbox-and-other-services/

Cisco discloses AnyConnect VPN zero-day, exploit code available

Cisco has disclosed today a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software with proof-of-concept exploit code publicly available. [...]

https://www.bleepingcomputer.com/news/security/cisco-discloses-anyconnect-vpn-zero-day-exploit-code-available/

Apple search bot leaked internal IPs via proxy configuration

A podcast creator and security researcher discovered that Apple's search bot, namely Applebot, crawling his podcast series had been leaking internal IPs due to a misconfigured proxy server. And, it took Apple over 9 months to fix this, for no obvious reason. [...]

https://www.bleepingcomputer.com/news/security/apple-search-bot-leaked-internal-ips-via-proxy-configuration/