Adobe releases security update for Adobe Reader for Android

Adobe has released security updates to address vulnerabilities classified as 'Important' in Adobe Reader for Android and Adobe Connect. [...]

https://www.bleepingcomputer.com/news/security/adobe-releases-security-update-for-adobe-reader-for-android/

Microsoft engineer stole $10M, used colleagues as scapegoats

Volodymyr Kvashuk, a Ukrainian citizen and former Microsoft software engineer, was sentenced to nine years in prison for stealing over $10 million worth of currency stored value (CSV) including gift cards over a span of two years. [...]

https://www.bleepingcomputer.com/news/security/microsoft-engineer-stole-10m-used-colleagues-as-scapegoats/

Windows 10 Cumulative Updates KB4586786 & KB4586781 Released

It's November 10 and Patch Tuesday, and the first batch of security updates or 'B' updates are now available for all supported versions of Windows 10 including version 20H2. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4586786-and-kb4586781-released/

Microsoft Store, Outlook, and Xbox Live are down worldwide

Microsoft users are currently experiencing issues around the world, with users unable to access Windows Store (Microsoft Store), Xbox Live services, and Outlook. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-store-outlook-and-xbox-live-are-down-worldwide/

Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities

Today is Microsoft's November 2020 Patch Tuesday, and Microsoft has patched 112 security vulnerabilities, including one zero-day disclosed by Google Project Zero last week. [...]

https://www.bleepingcomputer.com/news/security/microsoft-november-2020-patch-tuesday-fixes-112-vulnerabilities/

Microsoft fixes Windows zero-day disclosed by Google last month

Microsoft has fixed today a Windows kernel zero-day vulnerability exploited in the wild as part of targeted attacks and publicly disclosed by Project Zero, Google's 0day bug-hunting team, last month. [...]

https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-zero-day-disclosed-by-google-last-month/

Windows 10 Intel microcode released to fix new CPU security bugs

Microsoft has released a new batch of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix new hardware vulnerabilities discovered in Intel CPUs. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-intel-microcode-released-to-fix-new-cpu-security-bugs/

Microsoft is investigating undeletable Outlook.com emails

Microsoft is investigating a recently discovered issue that causes deleted emails to reappear in the mail inbox of Outlook.com accounts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-investigating-undeletable-outlookcom-emails/

Ransomware gang hacks Facebook account to run extortion ads

​A ransomware group has now started to run Facebook advertisements to pressure victims to pay a ransom. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gang-hacks-facebook-account-to-run-extortion-ads/

Samsung fixes critical Android flaws with November 2020 updates

Samsung has rolled out November 2020 Android updates today on their Galaxy devices. These patch serious vulnerabilities along with enhancing the overall device functionality. [...]

https://www.bleepingcomputer.com/news/security/samsung-fixes-critical-android-flaws-with-november-2020-updates/

Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal

Muhstik botnet has been targeting cloud infrastructure for years. New details have emerged related to this malware that shed light on its nefarious activities and origins. [...]

https://www.bleepingcomputer.com/news/security/chinese-linked-muhstik-botnet-targets-oracle-weblogic-drupal/

NVIDIA fixes severe flaw in GeForce NOW cloud gaming service

NVIDIA released a security update for the GeForce Now cloud gaming Windows app to address a vulnerability that could allow attackers to execute arbitrary code or escalate privileges on systems running unpatched software. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-severe-flaw-in-geforce-now-cloud-gaming-service/

Office November security updates fix remote code execution bugs

Microsoft has released the November 2020 Office security updates with a total of 22 updates and 5 cumulative updates for 7 different products, fixing 14 vulnerabilities with five of them potentially enabling remote attackers to execute arbitrary code on vulnerable systems. [...]

https://www.bleepingcomputer.com/news/security/office-november-security-updates-fix-remote-code-execution-bugs/

Microsoft now lets you run multiple Android apps in Windows 10

Microsoft has announced today that Windows 10 customers with devices running the latest Insider build can launch and interact with multiple Android apps directly on their computers' desktops. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-you-run-multiple-android-apps-in-windows-10/

Alleged source code of Cobalt Strike toolkit shared online

The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. [...]

https://www.bleepingcomputer.com/news/security/alleged-source-code-of-cobalt-strike-toolkit-shared-online/

Intel fixes 95 vulnerabilities in November 2020 Platform Update

Intel addressed 95 vulnerabilities as part of the November 2020 Patch Tuesday, including critical ones affecting Intel Wireless Bluetooth products and Intel Active Management Technology (AMT). [...]

https://www.bleepingcomputer.com/news/security/intel-fixes-95-vulnerabilities-in-november-2020-platform-update/

Animal Jam kids' virtual world hit by data breach, impacts 46M accounts

The immensely popular children's online playground Animal Jam has suffered a data breach impacting 46 million accounts. [...]

https://www.bleepingcomputer.com/news/security/animal-jam-kids-virtual-world-hit-by-data-breach-impacts-46m-accounts/

ModPipe malware decrypts Oracle point-of-sale database passwords

Security researchers have discovered a new malware geared with modules that target Oracle Micros Hospitality RES 3700 point-of-sale systems, one of the most widely used management software in the hospitality industry. [...]

https://www.bleepingcomputer.com/news/security/modpipe-malware-decrypts-oracle-point-of-sale-database-passwords/

Rakuten sends cashback emails to customers in error

Japanese e-commerce giant Rakuten had sent email notifications yesterday to many of its customers congratulating them on newly earned cashback.
Today, they took their words (and the cash) back. [...]

https://www.bleepingcomputer.com/news/technology/rakuten-sends-cashback-emails-to-customers-in-error/

Steelcase furniture giant down for 2 weeks after ransomware attack

Office furniture giant Steelcase says that no information was stolen during a Ryuk ransomware attack that forced them to shut down global operations for roughly two weeks. [...]

https://www.bleepingcomputer.com/news/security/steelcase-furniture-giant-down-for-2-weeks-after-ransomware-attack/

Popular stock photo service hit by data breach, 8.3M records for sale

Stock photo site 123RF has suffered a data breach after a hacker began selling a database containing 8.3 million user records on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/popular-stock-photo-service-hit-by-data-breach-83m-records-for-sale/