ProtonVPN causes Windows BSOD crashes due to antivirus conflicts

ProtonVPN is working on fixing a bug causing Windows blue screen crashes affecting customers using the latest versions of the company's Windows client software. [...]

https://www.bleepingcomputer.com/news/software/protonvpn-causes-windows-bsod-crashes-due-to-antivirus-conflicts/

Leading crane maker Palfinger hit in global cyberattack

Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations. [...]

https://www.bleepingcomputer.com/news/security/leading-crane-maker-palfinger-hit-in-global-cyberattack/

Windows 10 NTFS corruption bug gets unofficial temporary fix

Developers have released an unofficial fix for a Windows bug that could lead to the corruption of an NTFS volume by merely viewing a specially crafted file. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-ntfs-corruption-bug-gets-unofficial-temporary-fix/

Beware of active UK NHS COVID-19 vaccination phishing campaign

A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. [...]

https://www.bleepingcomputer.com/news/security/beware-of-active-uk-nhs-covid-19-vaccination-phishing-campaign/

North Korean hackers are targeting security researchers with malware, 0-days

A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-are-targeting-security-researchers-with-malware-0-days/

TikTok fixes flaws allowing theft of private user information

ByteDance, the tech firm behind TikTok, has fixed a security vulnerability in the video-sharing social networking service which could have allowed attackers to steal users' private information. [...]

https://www.bleepingcomputer.com/news/security/tiktok-fixes-flaws-allowing-theft-of-private-user-information/

Google fixes severe Golang Windows RCE vulnerability

This month Google engineers have fixed two vulnerabilities in the Go language (Golang), including a severe RCE flaw, and a cryptographic weakness.
The RCE vulnerability tracked as CVE-2021-3115 mainly impacts Windows users of Go running the 'go get' command, due to the default behavior of Windows PATH lookups. [...]

https://www.bleepingcomputer.com/news/security/google-fixes-severe-golang-windows-rce-vulnerability/

Mimecast links security breach to SolarWinds hackers

Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. [...]

https://www.bleepingcomputer.com/news/security/mimecast-links-security-breach-to-solarwinds-hackers/

Firefox 85 adds supercookie protection, removes Flash support

Mozilla Firefox 85 was released today with supercookie protection to block hidden trackers from tracking Firefox users' activity while browsing the Internet. [...]

https://www.bleepingcomputer.com/news/software/firefox-85-adds-supercookie-protection-removes-flash-support/

Verizon Fios Internet outage affecting Northeastern US

Verizon Fios is experiencing an outage making it impossible to access many websites or causing them too operate to slowly to use properly use. [...]

https://www.bleepingcomputer.com/news/technology/verizon-fios-internet-outage-affecting-northeastern-us/

Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

Massive pan-Asian retail chain operator Dairy Farm Group was attacked this month by the REvil ransomware operation, demanding a $30 million ransom. [...]

https://www.bleepingcomputer.com/news/security/pan-asian-retail-giant-dairy-farm-suffers-revil-ransomware-attack/

New Linux SUDO flaw lets local users gain root privileges

A now-fixed Sudo vulnerability allowed any local user to gain root privileges on Unix-like operating systems without requiring authentication. [...]

https://www.bleepingcomputer.com/news/security/new-linux-sudo-flaw-lets-local-users-gain-root-privileges/

Microsoft releases new Windows 10 Intel CPU microcode updates

Microsoft has released a new set of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix bugs impacting multiple Intel CPU families. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-new-windows-10-intel-cpu-microcode-updates/

Here's how a researcher broke into Microsoft VS Code's GitHub

This month a researcher was awarded a bug bounty award of an undisclosed amount after he broke into the official GitHub repository of Microsoft Visual Studio Code.
A vulnerability in VS Code's issue management function and a lack of authentication checks enabled the researcher to obtain push access, and write to the repository. [...]

https://www.bleepingcomputer.com/news/security/heres-how-a-researcher-broke-into-microsoft-vs-codes-github/

Emotet botnet disrupted after global takedown operation

The infrastructure of today's most dangerous botnet built by cybercriminals using the Emotet malware was taken down following an international coordinated action coordinated by Europol and Eurojust. [...]

https://www.bleepingcomputer.com/news/security/emotet-botnet-disrupted-after-global-takedown-operation/

Linux malware uses open-source tool to evade detection

AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities. [...]

https://www.bleepingcomputer.com/news/security/linux-malware-uses-open-source-tool-to-evade-detection/

Netwalker ransomware dark web sites seized by law enforcement

The dark web websites associated with the Netwalker ransomware operation have been seized by law enforcement from the USA and Bulgaria. [...]

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-dark-web-sites-seized-by-law-enforcement/

Europol: Emotet malware will uninstall itself on March 25th

Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...]

https://www.bleepingcomputer.com/news/security/europol-emotet-malware-will-uninstall-itself-on-march-25th/

US charges NetWalker ransomware affiliate, seizes ransom payments

The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks. [...]

https://www.bleepingcomputer.com/news/security/us-charges-netwalker-ransomware-affiliate-seizes-ransom-payments/

Microsoft rolls out Application Guard for Office to all customers

Microsoft has announced that Application Guard for Office is now generally available for all Microsoft 365 users with supported licenses. [...]

https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-application-guard-for-office-to-all-customers/

Google Chrome blocks 7 more ports to stop NAT Slipstreaming attacks

Google Chrome now blocks access to websites on an additional seven TCP ports to protect against the NAT Slipstreaming 2.0 vulnerability. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-blocks-7-more-ports-to-stop-nat-slipstreaming-attacks/