Microsoft Defender ATP detects Chrome updates as PHP backdoors
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-detects-chrome-updates-as-php-backdoors/
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-detects-chrome-updates-as-php-backdoors/
BleepingComputer
Microsoft Defender ATP detects Chrome updates as PHP backdoors
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file.
Cisco fixes critical code execution bugs in SMB VPN routers
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-code-execution-bugs-in-smb-vpn-routers/
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-code-execution-bugs-in-smb-vpn-routers/
BleepingComputer
Cisco fixes critical code execution bugs in SMB VPN routers
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices.
Microsoft fixes issue causing Windows 10 apps to forget passwords
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-apps-to-forget-passwords/
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-apps-to-forget-passwords/
BleepingComputer
Microsoft fixes issue causing Windows 10 apps to forget passwords
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds.
SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-fixes-actively-exploited-sma-100-zero-day-vulnerability/
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-fixes-actively-exploited-sma-100-zero-day-vulnerability/
BleepingComputer
SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.
New Fonix ransomware decryptor can recover victim's files for free
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free. [...]
https://www.bleepingcomputer.com/news/security/new-fonix-ransomware-decryptor-can-recover-victims-files-for-free/
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free. [...]
https://www.bleepingcomputer.com/news/security/new-fonix-ransomware-decryptor-can-recover-victims-files-for-free/
BleepingComputer
New Fonix ransomware decryptor can recover victim's files for free
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free.
Oxfam Australia investigates data breach after database sold online
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/oxfam-australia-investigates-data-breach-after-database-sold-online/
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/oxfam-australia-investigates-data-breach-after-database-sold-online/
BleepingComputer
Oxfam Australia investigates data breach after database put up for sale
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum.
Rise in ransomware attacks mistakenly causing data destruction
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption. [...]
https://www.bleepingcomputer.com/news/security/rise-in-ransomware-attacks-mistakenly-causing-data-destruction/
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption. [...]
https://www.bleepingcomputer.com/news/security/rise-in-ransomware-attacks-mistakenly-causing-data-destruction/
BleepingComputer
Ransomware attacks increasingly destroy victimsβ data by mistake
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption.
Microsoft fixes PowerPoint crashes in Office February updates
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-powerpoint-crashes-in-office-february-updates/
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-powerpoint-crashes-in-office-february-updates/
BleepingComputer
Microsoft fixes PowerPoint crashes in Office February updates
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products.
Plex Media servers actively abused to amplify DDoS attacks
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service (DDoS) attacks. [...]
https://www.bleepingcomputer.com/news/security/plex-media-servers-actively-abused-to-amplify-ddos-attacks/
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service (DDoS) attacks. [...]
https://www.bleepingcomputer.com/news/security/plex-media-servers-actively-abused-to-amplify-ddos-attacks/
BleepingComputer
Plex Media servers actively abused to amplify DDoS attacks
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service (DDoS) attacks.
Hacking group also used an IE zero-day against security researchers
An Internet Explorer zero-day vulnerability has been discovered used in recent North Korean attacks against security and vulnerability researchers. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/
An Internet Explorer zero-day vulnerability has been discovered used in recent North Korean attacks against security and vulnerability researchers. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/
BleepingComputer
Hacking group also used an IE zero-day against security researchers
An Internet Explorer zero-day vulnerability has been discovered used in recent North Korean attacks against security and vulnerability researchers.
Windows 10 2004 now in broad deployment, available to everyone
Microsoft has announced that Windows 10, version 2004 has now been added to the broad deployment channel and will be available to everyone via Windows Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-now-in-broad-deployment-available-to-everyone/
Microsoft has announced that Windows 10, version 2004 has now been added to the broad deployment channel and will be available to everyone via Windows Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-now-in-broad-deployment-available-to-everyone/
BleepingComputer
Windows 10 2004 now in broad deployment, available to everyone
Microsoft has announced that Windows 10, version 2004 has now been added to the broad deployment channel and will be available to everyone via Windows Update.
Hackers steal StormShield firewall source code in data breach
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [...]
https://www.bleepingcomputer.com/news/security/hackers-steal-stormshield-firewall-source-code-in-data-breach/
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [...]
https://www.bleepingcomputer.com/news/security/hackers-steal-stormshield-firewall-source-code-in-data-breach/
BleepingComputer
Hackers steal StormShield firewall source code in data breach
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the company's support ticket system and steal source code for Stormshield Network Security firewall software.
Google fixes Chrome zero-day actively exploited in the wild
Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. [...]
https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/
Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. [...]
https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/
BleepingComputer
Google fixes Chrome zero-day actively exploited in the wild
Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users.
Eletrobras, Copel energy companies hit by ransomware attacks
Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week. [...]
https://www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/
Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week. [...]
https://www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/
BleepingComputer
Eletrobras, Copel energy companies hit by ransomware attacks
Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week.
Recent Windows 10 updates cause Visual Studio, WPF app crashes
Visual Studio is crashing when docking or dragging windows around after installing recently released .NET Framework cumulative update previews for Windows 10 and Windows Server. [...]
https://www.bleepingcomputer.com/news/microsoft/recent-windows-10-updates-cause-visual-studio-wpf-app-crashes/
Visual Studio is crashing when docking or dragging windows around after installing recently released .NET Framework cumulative update previews for Windows 10 and Windows Server. [...]
https://www.bleepingcomputer.com/news/microsoft/recent-windows-10-updates-cause-visual-studio-wpf-app-crashes/
BleepingComputer
Recent Windows 10 updates cause Visual Studio, WPF app crashes
Visual Studio is crashing when docking or dragging windows around after installing recently released .NET Framework cumulative update previews for Windows 10 and Windows Server.
Microsoft warns of increasing OAuth Office 365 phishing attacks
Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/
Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-increasing-oauth-office-365-phishing-attacks/
BleepingComputer
Microsoft warns of increasing OAuth Office 365 phishing attacks
Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.
SitePoint discloses data breach after stolen info used in attacks
The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/
The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/
BleepingComputer
SitePoint discloses data breach after stolen info used in attacks
The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.
Windows 10 April updates remove Microsoft Edge Legacy permanently
Microsoft has announced today that Microsoft Edge Legacy will be permanently removed and replaced with the new Microsoft Edge after installing April's Windows 10 Patch Tuesday security update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-april-updates-remove-microsoft-edge-legacy-permanently/
Microsoft has announced today that Microsoft Edge Legacy will be permanently removed and replaced with the new Microsoft Edge after installing April's Windows 10 Patch Tuesday security update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-april-updates-remove-microsoft-edge-legacy-permanently/
BleepingComputer
Windows 10 April updates remove Microsoft Edge Legacy permanently
Microsoft has announced today that Microsoft Edge Legacy will be permanently removed and replaced with the new Microsoft Edge after installing April's Windows 10 Patch Tuesday security update.
Malicious extension abuses Chrome sync to steal usersβ data
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. [...]
https://www.bleepingcomputer.com/news/security/malicious-extension-abuses-chrome-sync-to-steal-users-data/
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. [...]
https://www.bleepingcomputer.com/news/security/malicious-extension-abuses-chrome-sync-to-steal-users-data/
BleepingComputer
Malicious extension abuses Chrome sync to steal usersβ data
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions.
The Week in Ransomware - February 5th 2021 - Data destruction
This week we saw a few large scale attacks and various ransomware reports indicating ransom payments are falling, while attacks are increasingly destroying data permanently. The good news is a new ransomware decryptor was released, allowing victims to recover files for free. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-5th-2021-data-destruction/
This week we saw a few large scale attacks and various ransomware reports indicating ransom payments are falling, while attacks are increasingly destroying data permanently. The good news is a new ransomware decryptor was released, allowing victims to recover files for free. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-5th-2021-data-destruction/
BleepingComputer
The Week in Ransomware - February 5th 2021 - Data destruction
This week we saw a few large scale attacks and various ransomware reports indicating ransom payments are falling, while attacks are increasingly destroying data permanently. The good news is a new ransomware decryptor was released, allowing victims to recoverβ¦
This Flash Player emulator lets you securely play your old games
A Flash Player emulator called 'Ruffle' allows you to play your archived Flash games without fear of being attacked as you browse the web. [...]
https://www.bleepingcomputer.com/news/software/this-flash-player-emulator-lets-you-securely-play-your-old-games/
A Flash Player emulator called 'Ruffle' allows you to play your archived Flash games without fear of being attacked as you browse the web. [...]
https://www.bleepingcomputer.com/news/software/this-flash-player-emulator-lets-you-securely-play-your-old-games/
BleepingComputer
This Flash Player emulator lets you securely play your old games
A Flash Player emulator called 'Ruffle' allows you to play your archived Flash games without fear of being attacked as you browse the web.