Windows 95 Easter egg discovered after being hidden for 25 years

A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, twnty-five years after the software was released. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-95-easter-egg-discovered-after-being-hidden-for-25-years/

What's next from Microsoft, Windows 10, and Surface in 2021

In 2021, Microsoft is planning to release exciting new Surface products and software updates for Windows 10. This includes Windows 10X, Windows 10 Sun Valley Update, Windows Cloud PC, Surface Laptop 4, Surface Duo 2, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/whats-next-from-microsoft-windows-10-and-surface-in-2021/

New Windows 10 File Explore icons favor design over function

Microsoft has updated the icons used in File Explorer to be the new Fluent icons, and while they look great, there is a tradeoff between design and functionality. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-10-file-explore-icons-favor-design-over-function/

CompuCom MSP expects over $20M in losses after ransomware attack

American managed service provider CompuCom is expecting losses of over $20 million following this month's DarkSide ransomware attack that took down most of its systems. [...]

https://www.bleepingcomputer.com/news/security/compucom-msp-expects-over-20m-in-losses-after-ransomware-attack/

Take control of Windows 10 feature updates using these settings

In this article, we're highlighting two group policies that you can try to take control over Windows 10 feature updates. [...]

https://www.bleepingcomputer.com/news/microsoft/take-control-of-windows-10-feature-updates-using-these-settings/

Critical netmask networking bug impacts thousands of applications

Popular npm component netmask has a critical networking vulnerability, CVE-2021-28918. netmask is frequently used by hundreds of thousands of applications to parse IPv4 addresses and CIDR blocks or compare them. The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads. [...]

https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/

Ransomware admin is refunding victims their ransom payments

After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back. [...]

https://www.bleepingcomputer.com/news/security/ransomware-admin-is-refunding-victims-their-ransom-payments/

PHP's Git server hacked to add backdoors to PHP source code

In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [...]

https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/

Harris Federation hit by ransomware attack affecting 50 schools

The IT systems and email servers of London-based nonprofit multi-academy trust Harris Federation were taken down by a ransomware attack on Saturday. [...]

https://www.bleepingcomputer.com/news/security/harris-federation-hit-by-ransomware-attack-affecting-50-schools/

Docker Hub images downloaded 20M times come with cryptominers

Researchers found that more than two-dozen containers on Docker Hub have been downloaded more than 20 million times for cryptojacking operations spanning at least two years. [...]

https://www.bleepingcomputer.com/news/security/docker-hub-images-downloaded-20m-times-come-with-cryptominers/

Windows 10 is getting OEMDRIVERS, a folder for third-party drivers

Microsoft is adding a dedicated OEMDRIVERS folder to Windows 10 that will be used to store third-party drivers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-is-getting-oemdrivers-a-folder-for-third-party-drivers/

Microsoft working to fix Windows 10 21H1 update install issue

Microsoft is working to fix an issue causing a recently released Windows 10 21H1 build to fail to install for customers enrolled in the Windows Insider program. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-working-to-fix-windows-10-21h1-update-install-issue/

Windows 10 KB5000842 cumulative update fixes freezing issues

Microsoft has released the KB5000842 non-security preview update for all editions of Windows 10, version 20H2, and Windows 10, version 2004, with fixes for system freezing and activation issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5000842-cumulative-update-fixes-freezing-issues/

Microsoft Exchange attacks increase while WannaCry gets a restart

The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector. [...]

https://www.bleepingcomputer.com/news/security/microsoft-exchange-attacks-increase-while-wannacry-gets-a-restart/

Leading Indian fintech platform MobiKwik denies data breach

Indian digital financial services platform Mobikwik denies claims that almost 8 TB of data put up for sale was allegedly stolen from its servers. [...]

https://www.bleepingcomputer.com/news/security/leading-indian-fintech-platform-mobikwik-denies-data-breach/

Scammers target universities in ongoing IRS phishing attacks

The Internal Revenue Service (IRS) is warning of ongoing phishing attacks impersonating the IRS and targeting educational institutions. [...]

https://www.bleepingcomputer.com/news/security/scammers-target-universities-in-ongoing-irs-phishing-attacks/

VMware fixes bug allowing attackers to steal admin credentials

VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-allowing-attackers-to-steal-admin-credentials/

US govt warns that buying fake COVID-19 vaccine cards is a crime

US federal agencies have warned today against making or selling fake COVID-19 vaccination record cards as this is breaking the law. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-that-buying-fake-covid-19-vaccine-cards-is-a-crime/

Google Chrome for Linux is getting DNS-over-HTTPS, but there's a catch

Google Chrome developers have announced plans to roll out DNS-over-HTTPS (DoH) support to Chrome web browser for Linux. DoH has been supported on Google Chrome for other platforms, including Android, since at least 2020. But, there's a catch. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-for-linux-is-getting-dns-over-https-but-theres-a-catch/

Fake jQuery files infect WordPress sites with malware

Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...]

https://www.bleepingcomputer.com/news/security/fake-jquery-files-infect-wordpress-sites-with-malware/

Scammers steal New Yorkers' private info for benefits fraud

New York's Department of Financial Services (DFS) warns of an ongoing series of attacks resulting in the theft of personal information belonging to hundreds of thousands of New Yorkers. [...]

https://www.bleepingcomputer.com/news/security/scammers-steal-new-yorkers-private-info-for-benefits-fraud/