Windows 10 20H2 crashes when connecting Thunderbolt NVMe SSDs

Microsoft says that devices running Windows 10 2004 or Windows 10 20H2 might crash with blue screens of death (BSODs) when users plug in a Thunderbolt NVMe (Non-Volatile Memory Express) Solid State Drive (SSD). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-20h2-crashes-when-connecting-thunderbolt-nvme-ssds/

Windows 10 20H2 LSASS crash issue causes forced reboots

Microsoft has acknowledged a new known issue causing forced restarts on Windows 10 20H2 devices due to the Local Security Authority Subsystem Service (LSASS) system process crashing. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-20h2-lsass-crash-issue-causes-forced-reboots/

RansomExx ransomware also encrypts Linux systems

With companies commonly using a mixed environment of Windows and Linux servers, ransomware operations have increasingly started to create Linux versions of their malware to ensure they encrypt all critical data. [...]

https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-also-encrypts-linux-systems/

New Pay2Key ransomware encrypts networks within one hour

A new ransomware called Pay2Key has been targeting organizations from Israel and Brazil, encrypting their networks within an hour in targeted attacks still under investigation. [...]

https://www.bleepingcomputer.com/news/security/new-pay2key-ransomware-encrypts-networks-within-one-hour/

New Windows 10 policy lets you disable cloud customized taskbars

Microsoft has added a new group policy in Windows 10 20H2 that allows you to disable a new feature that customizes the taskbar based on what accounts or devices you have. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-10-policy-lets-you-disable-cloud-customized-taskbars/

The Week in Ransomware - November 6th 2020 - Video Games and Liquor!

This week, it has been busy with attacks worldwide and one of the largest ransomware operations officially shutting down. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-6th-2020-video-games-and-liquor/

How Ryuk Ransomware operators made $34 million from one victim

One hacker group that is targeting high-revenue companies with Ryuk ransomware received $34 million from one victim in exchange for the decryption key that unlocked their computers. [...]

https://www.bleepingcomputer.com/news/security/how-ryuk-ransomware-operators-made-34-million-from-one-victim/

Luxottica data breach exposes LensCrafters, EyeMed patient info

A Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices. [...]

https://www.bleepingcomputer.com/news/security/luxottica-data-breach-exposes-lenscrafters-eyemed-patient-info/

Managing Windows 10 apps with the Chocolatey package manager

Chocolatey is designed for both consumers (general users) and businesses, thanks to the easy to understand user interface and a suite of powerful features for existing programs deployment infrastructure. [...]

https://www.bleepingcomputer.com/news/microsoft/managing-windows-10-apps-with-the-chocolatey-package-manager/

Office 365 will let admins review Microsoft Forms phishing attempts

Microsoft is working on adding a new Microsoft Forms phishing attempt review feature that will allow Office 365 admins to confirm and block forms that try to maliciously harvest sensitive data. [...]

https://www.bleepingcomputer.com/news/security/office-365-will-let-admins-review-microsoft-forms-phishing-attempts/

This script lets you download ISOs for any Windows 10 version

A new script makes it easy to create an ISO for any version of Windows 10, including Windows 10 version 1507 through 20H2. [...]

https://www.bleepingcomputer.com/news/microsoft/this-script-lets-you-download-isos-for-any-windows-10-version/

Trump lawsuit site to report rejected votes leaked voter data

The DontTouchTheGreenButton website just launched by the Trump campaign in relation to the lawsuit filed on rejected votes in Arizona is leaking voter data. [...]

https://www.bleepingcomputer.com/news/security/trump-lawsuit-site-to-report-rejected-votes-leaked-voter-data/

HMRC smishing tax scam targets UK banking customers

An advanced HMRC tax rebate scam has been targeting UK residents this week via text messages (SMS). The smishing campaign is concerning as it employs multiple HMRC phishing domains and tactics, with new domains being added every day as older ones get flagged by spam filters. [...]

https://www.bleepingcomputer.com/news/security/hmrc-smishing-tax-scam-targets-uk-banking-customers/

How to beautify the Windows 10 Search feature

Since Windows Search interface is based on Microsoft's web technologies, it can be easily tweaked by injecting a custom JavaScript file. If you don't want to do this manually, you can use an open-source free tool called "BeautySearch". [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-beautify-the-windows-10-search-feature/

Microsoft: Windows 10 1903 reaches end of service next month

Microsoft reminds customers that some editions of Windows 10, version 1903 (also known as the May 2019 Update) will reach its end of service next month. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-1903-reaches-end-of-service-next-month/

Microsoft working on fix for Windows apps forgetting passwords

Microsoft says that multiple Windows 10 apps including Outlook are affected by an issue causing them to forget users' passwords after the device is upgraded to certain Windows 10, version 2004 builds. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-fix-for-windows-apps-forgetting-passwords/

Laptop maker Compal hit by ransomware, $17 million demanded

Taiwanese laptop maker Compal Electronics suffered a DoppelPaymer ransomware attack over the weekend, with the attackers demanding an almost $17 million ransom. [...]

https://www.bleepingcomputer.com/news/security/laptop-maker-compal-hit-by-ransomware-17-million-demanded/

Fake Microsoft Teams updates lead to Cobalt Strike deployment

Ransomware operators are using malicious fake ads for Microsoft Teams updates to infect systems with backdoors that deployed Cobalt Strike to compromise the rest of the network. [...]

https://www.bleepingcomputer.com/news/security/fake-microsoft-teams-updates-lead-to-cobalt-strike-deployment/

Google Chrome to block JavaScript redirects on web page URL clicks

Google Chrome is getting a new feature that increases security when clicking on web page links that open URLs in a new window or tab. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-to-block-javascript-redirects-on-web-page-url-clicks/

New Slipstream NAT bypass attacks to be blocked by browsers

Web browser vendors are planning to block a new attack technique that would allow attackers to bypass a victim's NAT/firewall to gain access to any TCP/UDP service hosted on their devices. [...]

https://www.bleepingcomputer.com/news/security/new-slipstream-nat-bypass-attacks-to-be-blocked-by-browsers/

Malicious NPM project steals Discord accounts, browser info

A heavily obfuscated and malicious NPM project is used to steal Discord user tokens and browser information from unsuspecting users. [...]

https://www.bleepingcomputer.com/news/security/malicious-npm-project-steals-discord-accounts-browser-info/