Microsoft brings its on-die Pluton security processor to Intel, AMD CPUs

Microsoft is integrating its Pluton security processor directly into Intel, AMD, and Qualcomm CPUs to better secure Windows PCs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-brings-its-on-die-pluton-security-processor-to-intel-amd-cpus/

Coil payments platform leaks user emails in 'Privacy Policy' update

Micropayments platform Coil, used by content creators and popular blogs accidentally exposed the email addresses of some users in a mass email announcement. [...]

https://www.bleepingcomputer.com/news/security/coil-payments-platform-leaks-user-emails-in-privacy-policy-update/

Firefox 83 boosts security with HTTPS-Only mode, zero-day fix

Mozilla Firefox 83 was released today with a new feature called 'HTTPS-Only Mode' that secures your browsing sessions by rewriting URLs to secure HTTPS versions. [...]

https://www.bleepingcomputer.com/news/software/firefox-83-boosts-security-with-https-only-mode-zero-day-fix/

Office 365 phishing campaign detects sandboxes to evade detection

Microsoft is tracking an ongoing Office 365 phishing campaign that makes use of several methods to evade automated analysis in attacks against enterprise targets. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-campaign-detects-sandboxes-to-evade-detection/

Microsoft previews Linux endpoint detection and response capabilities

Microsoft has announced today the public preview of endpoint detection and response (EDR) capabilities in Microsoft Defender Advanced Threat Protection (ATP) — now known as Microsoft Defender for Endpoint — for Linux servers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-linux-endpoint-detection-and-response-capabilities/

Chrome 87 released with performance boost and security fixes

Google has released Chrome 87 today, November 17th, 2020, to the Stable desktop channel, and it includes numerous performance improvements, security fixes, and new features. [...]

https://www.bleepingcomputer.com/news/google/chrome-87-released-with-performance-boost-and-security-fixes/

Hackers are actively probing millions of WordPress sites

Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150,000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-actively-probing-millions-of-wordpress-sites/

Google confirms Chrome crashing bug on Macs with Apple CPUs

Google is currently working on fixing a known issue causing a Google Chrome web browser version launched earlier today for Apple processors to suddenly crash. [...]

https://www.bleepingcomputer.com/news/google/google-confirms-chrome-crashing-bug-on-macs-with-apple-cpus/

Trump fires DHS cybersecurity director Chris Krebs

President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency (CISA), after Krebs disputed claims that the U.S. 2020 Presidential Election was insecure and fraudulent. [...]

https://www.bleepingcomputer.com/news/security/trump-fires-dhs-cybersecurity-director-chris-krebs/

Microsoft fixes Windows Kerberos authentication issues in OOB update

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released earlier this month to address CVE-2020-17049. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-kerberos-authentication-issues-in-oob-update/

Microsoft fixes issue causing Windows 10 certificates to disappear

Microsoft has resolved a known issue leading to missing system and user certificates after updating managed Windows 10 systems using outdated installation media through update management tools, physical media, or ISO images. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-certificates-to-disappear/

REvil ransomware hits Managed.com hosting provider, 500K ransom

Managed web hosting provider Managed.com has taken their servers and web hosting systems offline as they struggle to recover from a weekend REvil ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-hits-managedcom-hosting-provider-500k-ransom/

Chinese APT10 hackers use Zerologon exploits against Japanese orgs

A Chinese state-sponsored hacking group has been observed while attempting to exploit the Windows Zerologon vulnerability in attacks against Japanese companies and subsidiaries from multiple industry sectors in 17 regions around the globe. [...]

https://www.bleepingcomputer.com/news/security/chinese-apt10-hackers-use-zerologon-exploits-against-japanese-orgs/

Windows 10 Preview build 20262 released to Insiders

Microsoft has Windows 10 preview build 20262 (FE_RELEASE) to Insiders on the Dev channel with mostly bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-preview-build-20262-released-to-insiders/

Cisco fixes WebEx bugs allowing 'ghost' attackers in meetings

Cisco has fixed today three Webex security vulnerabilities that would have allowed unauthenticated remote attackers to join ongoing meetings as ghost participants. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-webex-bugs-allowing-ghost-attackers-in-meetings/

Egregor ransomware shoots ransom notes out of victims' printers

The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers. [...]

https://www.bleepingcomputer.com/news/security/egregor-ransomware-shoots-ransom-notes-out-of-victims-printers/

Google’s free services are now phishing campaign’s best friends

Threat actors are abusing Google's free productivity tools and services to create convincing phishing campaigns that steal your credentials or trick you into installing malware. [...]

https://www.bleepingcomputer.com/news/security/google-s-free-services-are-now-phishing-campaign-s-best-friends/

Android chat app with 100 million installs exposes private messages

GO SMS Pro, an Android instant messaging application with over 100 million installs, is publicly exposing private multimedia files shared between its users. [...]

https://www.bleepingcomputer.com/news/security/android-chat-app-with-100-million-installs-exposes-private-messages/

Microsoft rolls out protection for critical accounts in Office 365

Microsoft has launched Office 365 priority protection for accounts of high-profile employees such as executive-level managers who are most often targeted by threat actors. [...]

https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-protection-for-critical-accounts-in-office-365/

Scammer sentenced for stealing $9M from adoption, automotive firms

A Florida man was sentenced to 37 months in prison earlier this week for his involvement in a business account takeover scheme that resulted in more than $9 million in total financial losses. [...]

https://www.bleepingcomputer.com/news/security/scammer-sentenced-for-stealing-9m-from-adoption-automotive-firms/

How to uninstall and downgrade Windows 10 20H2 to previous versions

If you are running into issues with Windows 10 20H2, otherwise known as the October 2020 Update, this guide will explain how to roll back to your previous version of the operating system. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-uninstall-and-downgrade-windows-10-20h2-to-previous-versions/