Microsoft releases Azure Firewall Premium in public preview

Microsoft has announced that the new Premium tier for its managed cloud-based network security service Azure Firewall has entered public preview starting today. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-azure-firewall-premium-in-public-preview/

Windows 10 KB4601380 update fixes screen rendering issues

Microsoft has released the KB4601380 non-security update for all editions of Windows 10, version 1909, and Windows 10, version 1809, with fixes for screen rendering and Microsoft Defender for Endpoint high resource usage issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4601380-update-fixes-screen-rendering-issues/

QNAP patches critical vulnerability in Surveillance Station NAS app

QNAP has addressed a critical security vulnerability in the Surveillance Station app that allows attackers to execute malicious code remotely on network-attached storage (NAS) devices running the vulnerable software. [...]

https://www.bleepingcomputer.com/news/security/qnap-patches-critical-vulnerability-in-surveillance-station-nas-app/

Dutch Police post "say no to cybercrime" warnings on hacker forums

The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity. [...]

https://www.bleepingcomputer.com/news/security/dutch-police-post-say-no-to-cybercrime-warnings-on-hacker-forums/

Russian Sandworm hackers only hit orgs with old Centreon software

Centreon, the maker of the IT monitoring software exploited by Russian state hackers to infiltrate French companies' networks, said today that only organizations using obsolete software were compromised. [...]

https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-only-hit-orgs-with-old-centreon-software/

Rising healthcare breaches driven by hacking and unsecured servers

2020 was a bad year for healthcare organizations in the U.S., which had to deal with a record-high number of cybersecurity incidents on the backdrop of the COVID-19 pandemic. [...]

https://www.bleepingcomputer.com/news/security/rising-healthcare-breaches-driven-by-hacking-and-unsecured-servers/

Microsoft force installs Windows 10 update to remove Flash Player

Microsoft is force installing a Windows 10 update that removes the embedded 32-bit version of Adobe Flash Player from the operating system. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-force-installs-windows-10-update-to-remove-flash-player/

US indicts North Korean hackers for stealing $1.3 billion

The U.S. Department of Justice has charged three North Koreans for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and more. [...]

https://www.bleepingcomputer.com/news/security/us-indicts-north-korean-hackers-for-stealing-13-billion/

Kia Motors America suffers ransomware attack, $20 million ransom

Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. [...]

https://www.bleepingcomputer.com/news/security/kia-motors-america-suffers-ransomware-attack-20-million-ransom/

Microsoft begins rolling out Windows 10 21H1 to Insiders

Today, Microsoft announced that they have started to roll out a preview of the Windows 10 21H1 feature update to Windows Insiders in the Beta channel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-begins-rolling-out-windows-10-21h1-to-insiders/

Microsoft pulls a second Windows SSU for blocking security updates

Microsoft has pulled KB4601390, another buggy Windows 10 servicing stack update (SSU), because it blocked customers from installing this month's security and Cumulative Updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-a-second-windows-ssu-for-blocking-security-updates/

US shares info on North Korean malware used to steal cryptocurrency

The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday. [...]

https://www.bleepingcomputer.com/news/security/us-shares-info-on-north-korean-malware-used-to-steal-cryptocurrency/

Upcoming NVIDIA RTX 3060 purposely cripples mining performance

NVIDIA is purposely crippling the Ethereum mining power of their upcoming GeForce RTX 3060 GPU by 50% to increase inventory for gamers. [...]

https://www.bleepingcomputer.com/news/hardware/upcoming-nvidia-rtx-3060-purposely-cripples-mining-performance/

FBI: Telephony denial-of-service attacks can lead to loss of lives

The Federal Bureau of Investigation (FBI) has warned of the harsh consequences of telephony denial-of-service (TDoS) attacks and has also provided the steps needed to mitigate their impact. [...]

https://www.bleepingcomputer.com/news/security/fbi-telephony-denial-of-service-attacks-can-lead-to-loss-of-lives/

Microsoft: SolarWinds hackers downloaded Azure, Exchange source code

Microsoft announced today that the SolarWinds hackers could gain access to source code for a limited amount of components used by Azure, Intune, and Exchange. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-solarwinds-hackers-downloaded-azure-exchange-source-code/

Hackers abuse Google Apps Script to steal credit cards, bypass CSP

Attackers are abusing Google's Apps Script business application development platform to steal credit card information submitted by customers of e-commerce websites while shopping online. [...]

https://www.bleepingcomputer.com/news/security/hackers-abuse-google-apps-script-to-steal-credit-cards-bypass-csp/

RIPE NCC Internet Registry discloses SSO credential stuffing attack

RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. [...]

https://www.bleepingcomputer.com/news/security/ripe-ncc-internet-registry-discloses-sso-credential-stuffing-attack/

US cities disclose data breaches after vendor's ransomware attack

A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington. [...]

https://www.bleepingcomputer.com/news/security/us-cities-disclose-data-breaches-after-vendors-ransomware-attack/

Microsoft cuts down Windows 10 Enterprise LTSC support to 5 years

Microsoft is shortening the support lifecycle of Windows 10 Enterprise Long Term Servicing Channel (LTSC) releases from 10 years down to only five years. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-cuts-down-windows-10-enterprise-ltsc-support-to-5-years/

Microsoft to launch Office 2021 and Office LTSC later this year

Microsoft announced the launch of Microsoft Office Long Term Servicing Channel (LTSC) and Office 2021 later this year for clients who don't want to get an Office cloud subscription service and prefer a one-time purchase. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-launch-office-2021-and-office-ltsc-later-this-year/

Brave privacy bug exposes Tor onion URLs to your DNS provider

Brave Browser is fixing a privacy issue that leaks the Tor onion URL addresses you visit to your locally configured DNS server, exposing the dark web websites you visit. [...]

https://www.bleepingcomputer.com/news/security/brave-privacy-bug-exposes-tor-onion-urls-to-your-dns-provider/