Chrome 87 released with performance boost and security fixes

Google has released Chrome 87 today, November 17th, 2020, to the Stable desktop channel, and it includes numerous performance improvements, security fixes, and new features. [...]

https://www.bleepingcomputer.com/news/google/chrome-87-released-with-performance-boost-and-security-fixes/

Hackers are actively probing millions of WordPress sites

Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150,000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-actively-probing-millions-of-wordpress-sites/

Google confirms Chrome crashing bug on Macs with Apple CPUs

Google is currently working on fixing a known issue causing a Google Chrome web browser version launched earlier today for Apple processors to suddenly crash. [...]

https://www.bleepingcomputer.com/news/google/google-confirms-chrome-crashing-bug-on-macs-with-apple-cpus/

Trump fires DHS cybersecurity director Chris Krebs

President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency (CISA), after Krebs disputed claims that the U.S. 2020 Presidential Election was insecure and fraudulent. [...]

https://www.bleepingcomputer.com/news/security/trump-fires-dhs-cybersecurity-director-chris-krebs/

Microsoft fixes Windows Kerberos authentication issues in OOB update

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released earlier this month to address CVE-2020-17049. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-kerberos-authentication-issues-in-oob-update/

Microsoft fixes issue causing Windows 10 certificates to disappear

Microsoft has resolved a known issue leading to missing system and user certificates after updating managed Windows 10 systems using outdated installation media through update management tools, physical media, or ISO images. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-certificates-to-disappear/

REvil ransomware hits Managed.com hosting provider, 500K ransom

Managed web hosting provider Managed.com has taken their servers and web hosting systems offline as they struggle to recover from a weekend REvil ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-hits-managedcom-hosting-provider-500k-ransom/

Chinese APT10 hackers use Zerologon exploits against Japanese orgs

A Chinese state-sponsored hacking group has been observed while attempting to exploit the Windows Zerologon vulnerability in attacks against Japanese companies and subsidiaries from multiple industry sectors in 17 regions around the globe. [...]

https://www.bleepingcomputer.com/news/security/chinese-apt10-hackers-use-zerologon-exploits-against-japanese-orgs/

Windows 10 Preview build 20262 released to Insiders

Microsoft has Windows 10 preview build 20262 (FE_RELEASE) to Insiders on the Dev channel with mostly bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-preview-build-20262-released-to-insiders/

Cisco fixes WebEx bugs allowing 'ghost' attackers in meetings

Cisco has fixed today three Webex security vulnerabilities that would have allowed unauthenticated remote attackers to join ongoing meetings as ghost participants. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-webex-bugs-allowing-ghost-attackers-in-meetings/

Egregor ransomware shoots ransom notes out of victims' printers

The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers. [...]

https://www.bleepingcomputer.com/news/security/egregor-ransomware-shoots-ransom-notes-out-of-victims-printers/

Google’s free services are now phishing campaign’s best friends

Threat actors are abusing Google's free productivity tools and services to create convincing phishing campaigns that steal your credentials or trick you into installing malware. [...]

https://www.bleepingcomputer.com/news/security/google-s-free-services-are-now-phishing-campaign-s-best-friends/

Android chat app with 100 million installs exposes private messages

GO SMS Pro, an Android instant messaging application with over 100 million installs, is publicly exposing private multimedia files shared between its users. [...]

https://www.bleepingcomputer.com/news/security/android-chat-app-with-100-million-installs-exposes-private-messages/

Microsoft rolls out protection for critical accounts in Office 365

Microsoft has launched Office 365 priority protection for accounts of high-profile employees such as executive-level managers who are most often targeted by threat actors. [...]

https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-protection-for-critical-accounts-in-office-365/

Scammer sentenced for stealing $9M from adoption, automotive firms

A Florida man was sentenced to 37 months in prison earlier this week for his involvement in a business account takeover scheme that resulted in more than $9 million in total financial losses. [...]

https://www.bleepingcomputer.com/news/security/scammer-sentenced-for-stealing-9m-from-adoption-automotive-firms/

How to uninstall and downgrade Windows 10 20H2 to previous versions

If you are running into issues with Windows 10 20H2, otherwise known as the October 2020 Update, this guide will explain how to roll back to your previous version of the operating system. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-uninstall-and-downgrade-windows-10-20h2-to-previous-versions/

Facebook Messenger bug allowed Android users to spy on each other

Facebook fixed a critical flaw in the Facebook Messenger for Android messaging app that allowed callers to listen to other users' surroundings without permission before the person on the other end picked up the call.  [...]

https://www.bleepingcomputer.com/news/security/facebook-messenger-bug-allowed-android-users-to-spy-on-each-other/

Mount Locker ransomware now targets your TurboTax tax returns

The Mount Locker ransomware operation is gearing up for the tax season by specifically targeting TurboTax returns for encryption. [...]

https://www.bleepingcomputer.com/news/security/mount-locker-ransomware-now-targets-your-turbotax-tax-returns/

Kali Linux 2020.4 switches the default shell from Bash to ZSH

​Kali Linux 2020.4 was released yesterday by Offensive Security, and it takes the big step of changing the default shell from Bash to ZSH. [...]

https://www.bleepingcomputer.com/news/linux/kali-linux-20204-switches-the-default-shell-from-bash-to-zsh/

QBot partners with Egregor ransomware in bot-fueled attacks

The Qbot banking trojan has dropped the ProLock ransomware in favor of the Egregor ransomware who burst into activity in September. [...]

https://www.bleepingcomputer.com/news/security/qbot-partners-with-egregor-ransomware-in-bot-fueled-attacks/

Windows 10 KB4586819 update fixes gaming and USB 3.0 issues

​Microsoft has released the Windows 10 1909 KB4586819 non-security preview cumulative update with fixes for game crash issues and for USB 3.0 hubs causing connected devices to stop working. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4586819-update-fixes-gaming-and-usb-30-issues/