This Flash Player emulator lets you securely play your old games

A Flash Player emulator called 'Ruffle' allows you to play your archived Flash games without fear of being attacked as you browse the web. [...]

https://www.bleepingcomputer.com/news/software/this-flash-player-emulator-lets-you-securely-play-your-old-games/

The Great Suspender Chrome extension's fall from grace

Google has forcibly uninstalled the immensely popular 'The Great Suspender' extension from Google Chrome and classified it as malware. [...]

https://www.bleepingcomputer.com/news/software/the-great-suspender-chrome-extensions-fall-from-grace/

Mozilla fixes Windows 10 NTFS corruption bug in Firefox

Mozilla has released Firefox 85.0.1 and includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser. [...]

https://www.bleepingcomputer.com/news/software/mozilla-fixes-windows-10-ntfs-corruption-bug-in-firefox/

Signal ignores proxy censorship vulnerability, bans researchers

Signal, an end-to-end encrypted messaging platform was blocked in Iran and suggested a TLS proxy workaround to help its users bypass censorship.
However, researchers have discovered vulnerabilities in the workaround that can render Signal's suggestions moot and pose risks for the users. [...]

https://www.bleepingcomputer.com/news/security/signal-ignores-proxy-censorship-vulnerability-bans-researchers/

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products.
The vulnerabilities range from Remote Code Execution to SQL Injection, to Denial of Service (DoS) and impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products.  [...]

https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-vulnerabilities-in-ssl-vpn-and-web-firewall/

New phishing attack uses Morse code to hide malicious URLs

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-attack-uses-morse-code-to-hide-malicious-urls/

Ziggy ransomware shuts down and releases victims' decryption keys

The Ziggy ransomware operation has shut down and released the victims' decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims. [...]

https://www.bleepingcomputer.com/news/security/ziggy-ransomware-shuts-down-and-releases-victims-decryption-keys/

Microsoft to alert Office 365 users of nation-state hacking activity

Microsoft will soon notify Office 365 of suspected nation-state hacking activity detected within their tenants according to a new listing on the company's Microsoft 365 roadmap. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-alert-office-365-users-of-nation-state-hacking-activity/

Android app joins the dark side, sends malware update to millions

Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. [...]

https://www.bleepingcomputer.com/news/security/android-app-joins-the-dark-side-sends-malware-update-to-millions/

Microsoft: Keep your guard up even after Emotet’s disruption

Microsoft warns customers not to let their guard down even after hundreds of Emotet botnet servers were taken down in late January 2021. [...]

https://www.bleepingcomputer.com/news/security/microsoft-keep-your-guard-up-even-after-emotet-s-disruption/

Cyberpunk 2077 fixes bug that let malicious mods take over PCs

CD Projekt Red has released a hotfix for Cyberpunk 2077 to fix a remote code execution vulnerability that could be exploited by third-party data file modifications and save games files. [...]

https://www.bleepingcomputer.com/news/security/cyberpunk-2077-fixes-bug-that-let-malicious-mods-take-over-pcs/

Critical vulnerability fixed in WordPress plugin with 800K installs

The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. [...]

https://www.bleepingcomputer.com/news/security/critical-vulnerability-fixed-in-wordpress-plugin-with-800k-installs/

Hackers tried poisoning town after breaching its water facility

A hacker gained access to the water treatment system for the city of Oldsmar, Florida, and attempted to increase the concentration of sodium hydroxide (NaOH), also known as lye and caustic soda, to extremely dangerous levels. [...]

https://www.bleepingcomputer.com/news/security/hackers-tried-poisoning-town-after-breaching-its-water-facility/

CD PROJEKT RED gaming studio hit by ransomware attack

CD PROJEKT RED, the video game development studio behind Cyberpunk 2077 and The Witcher trilogy, has disclosed a ransomware attack that impacted its network. [...]

https://www.bleepingcomputer.com/news/security/cd-projekt-red-gaming-studio-hit-by-ransomware-attack/

Microsoft: Recent Windows 10 gaming issues caused by Discord bug

Microsoft has acknowledged a known issue that was causing Direct3D 12 games to fail to launch or crash with an error on some Windows 10 devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-10-gaming-issues-caused-by-discord-bug/

Office 365 will help admins find impersonation attack targets

Microsoft will make it easier for Defender for Office 365 customers to identify users and domains targeted in impersonation-based phishing attacks as recently revealed on the Microsoft 365 roadmap. [...]

https://www.bleepingcomputer.com/news/security/office-365-will-help-admins-find-impersonation-attack-targets/

Adobe fixes critical Reader vulnerability exploited in the wild

Adobe has released security updates that address an actively exploited vulnerability in Adobe Reader and other critical bugs in Adobe Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-reader-vulnerability-exploited-in-the-wild/

Researcher hacks Microsoft, Apple, more in novel supply chain attack

A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties. [...]

https://www.bleepingcomputer.com/news/security/researcher-hacks-microsoft-apple-more-in-novel-supply-chain-attack/

New BendyBear APT malware gets linked to Chinese hacking group

Unit 42 researchers today have shared info on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government. [...]

https://www.bleepingcomputer.com/news/security/new-bendybear-apt-malware-gets-linked-to-chinese-hacking-group/

Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day

Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day. [...]

https://www.bleepingcomputer.com/news/security/microsoft-february-2021-patch-tuesday-fixes-56-flaws-1-zero-day/

Windows 10 Cumulative Updates KB4601315 & KB4601319 released

As part of the February Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4601315-and-kb4601319-released/