CS:GO, Valve Source games vulnerable to hacking using Steam invites
A group of security researchers known as the Secret Club took it to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. [...]
https://www.bleepingcomputer.com/news/security/cs-go-valve-source-games-vulnerable-to-hacking-using-steam-invites/
A group of security researchers known as the Secret Club took it to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. [...]
https://www.bleepingcomputer.com/news/security/cs-go-valve-source-games-vulnerable-to-hacking-using-steam-invites/
BleepingComputer
CS:GO, Valve Source games vulnerable to hacking using Steam invites
A group of security researchers known as the Secret Club took it to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players.
Windows 10 is getting a 'Windows Tools' control panel for power users
βIn future versions of Windows 10, Microsoft has removed the venerable 'Administrative Tools' and added a new 'Windows Tools' control panel with almost double the number of tools promoted within it. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-is-getting-a-windows-tools-control-panel-for-power-users/
βIn future versions of Windows 10, Microsoft has removed the venerable 'Administrative Tools' and added a new 'Windows Tools' control panel with almost double the number of tools promoted within it. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-is-getting-a-windows-tools-control-panel-for-power-users/
BleepingComputer
Windows 10 is getting a 'Windows Tools' control panel for power users
βIn future versions of Windows 10, Microsoft has removed the venerable 'Administrative Tools' and added a new 'Windows Tools' control panel with almost double the number of tools promoted within it.
Google Chrome, Microsoft Edge zero-day vulnerability shared on Twitter
A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-microsoft-edge-zero-day-vulnerability-shared-on-twitter/
A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-microsoft-edge-zero-day-vulnerability-shared-on-twitter/
BleepingComputer
Google Chrome, Microsoft Edge zero-day vulnerability shared on Twitter
A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge.
NAME:WRECK DNS vulnerabilities affect over 100 million devices
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. [...]
https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. [...]
https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/
BleepingComputer
NAME:WRECK DNS vulnerabilities affect over 100 million devices
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices.
Watch out for this W-2 phishing scam targeting the 2021 tax season
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...]
https://www.bleepingcomputer.com/news/security/watch-out-for-this-w-2-phishing-scam-targeting-the-2021-tax-season/
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...]
https://www.bleepingcomputer.com/news/security/watch-out-for-this-w-2-phishing-scam-targeting-the-2021-tax-season/
BleepingComputer
Watch out for this W-2 phishing scam targeting the 2021 tax season
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials.
Adobe fixes critical vulnerabilities in Photoshop and Digital Editions
Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-photoshop-and-digital-editions/
Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-photoshop-and-digital-editions/
BleepingComputer
Adobe fixes critical vulnerabilities in Photoshop and Digital Editions
Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.
QBot malware is back replacing IcedID in malspam campaigns
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. [...]
https://www.bleepingcomputer.com/news/security/qbot-malware-is-back-replacing-icedid-in-malspam-campaigns/
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. [...]
https://www.bleepingcomputer.com/news/security/qbot-malware-is-back-replacing-icedid-in-malspam-campaigns/
BleepingComputer
QBot malware is back replacing IcedID in malspam campaigns
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain.
RIP: Microsoft Edge Legacy nuked by April Windows Updates
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge. [...]
https://www.bleepingcomputer.com/news/microsoft/rip-microsoft-edge-legacy-nuked-by-april-windows-updates/
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge. [...]
https://www.bleepingcomputer.com/news/microsoft/rip-microsoft-edge-legacy-nuked-by-april-windows-updates/
BleepingComputer
RIP: Microsoft Edge Legacy nuked by April Windows Updates
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge.
Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days
Today is Microsoft's April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won't be any easier, so please be nice to your IT staff today. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2021-patch-tuesday-fixes-108-flaws-5-zero-days/
Today is Microsoft's April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won't be any easier, so please be nice to your IT staff today. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2021-patch-tuesday-fixes-108-flaws-5-zero-days/
BleepingComputer
Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days
Today is Microsoft's April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won'tβ¦
New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...]
https://www.bleepingcomputer.com/news/security/new-linux-macos-malware-hidden-in-fake-browserify-npm-package/
A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...]
https://www.bleepingcomputer.com/news/security/new-linux-macos-malware-hidden-in-fake-browserify-npm-package/
BleepingComputer
New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npmβ¦
Windows 10 Cumulative Updates KB5001330 & KB5001337 released
s part of the April Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows, including KB5001330 for Windows 10 20H2/2004 and KB5001337 for Windows 10 1909. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb5001330-and-kb5001337-released/
s part of the April Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows, including KB5001330 for Windows 10 20H2/2004 and KB5001337 for Windows 10 1909. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb5001330-and-kb5001337-released/
BleepingComputer
Windows 10 Cumulative Updates KB5001330 & KB5001337 released
s part of the April Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows, including KB5001330 for Windows 10 20H2/2004 and KB5001337 for Windows 10 1909.
NSA discovers critical Exchange Server vulnerabilities, patch now
Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. [...]
https://www.bleepingcomputer.com/news/security/nsa-discovers-critical-exchange-server-vulnerabilities-patch-now/
Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. [...]
https://www.bleepingcomputer.com/news/security/nsa-discovers-critical-exchange-server-vulnerabilities-patch-now/
BleepingComputer
NSA discovers critical Exchange Server vulnerabilities, patch now
Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical.
CISA gives federal agencies until Friday to patch Exchange servers
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. [...]
https://www.bleepingcomputer.com/news/security/cisa-gives-federal-agencies-until-friday-to-patch-exchange-servers/
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. [...]
https://www.bleepingcomputer.com/news/security/cisa-gives-federal-agencies-until-friday-to-patch-exchange-servers/
BleepingComputer
CISA gives federal agencies until Friday to patch Exchange servers
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday.
Capcom: Ransomware gang used old VPN device to breach the network
Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. [...]
https://www.bleepingcomputer.com/news/security/capcom-ransomware-gang-used-old-vpn-device-to-breach-the-network/
Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. [...]
https://www.bleepingcomputer.com/news/security/capcom-ransomware-gang-used-old-vpn-device-to-breach-the-network/
BleepingComputer
Capcom: Ransomware gang used old VPN device to breach the network
Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals.
FBI nuked web shells from hacked Exchange Servers without telling owners
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. [...]
https://www.bleepingcomputer.com/news/security/fbi-nuked-web-shells-from-hacked-exchange-servers-without-telling-owners/
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. [...]
https://www.bleepingcomputer.com/news/security/fbi-nuked-web-shells-from-hacked-exchange-servers-without-telling-owners/
BleepingComputer
FBI nuked web shells from hacked Exchange Servers without telling owners
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners.
Vivaldi, Brave, DuckDuckGo reject Google's FLoC ad tracking tech
Makers of Vivaldi and Brave web browsers have rejected Google's new privacy-preserving proposal called FLoC, which is meant to replace third-party tracking cookies across websites on browsers, including Chrome. [...]
https://www.bleepingcomputer.com/news/security/vivaldi-brave-duckduckgo-reject-googles-floc-ad-tracking-tech/
Makers of Vivaldi and Brave web browsers have rejected Google's new privacy-preserving proposal called FLoC, which is meant to replace third-party tracking cookies across websites on browsers, including Chrome. [...]
https://www.bleepingcomputer.com/news/security/vivaldi-brave-duckduckgo-reject-googles-floc-ad-tracking-tech/
BleepingComputer
Vivaldi, Brave, DuckDuckGo reject Google's FLoC ad tracking tech
Makers of Vivaldi and Brave web browsers have rejected Google's new privacy-preserving proposal called FLoC, which is meant to replace third-party tracking cookies across websites on browsers, including Chrome.
Second Google Chrome zero-day exploit dropped on twitter this week
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. [...]
https://www.bleepingcomputer.com/news/security/second-google-chrome-zero-day-exploit-dropped-on-twitter-this-week/
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. [...]
https://www.bleepingcomputer.com/news/security/second-google-chrome-zero-day-exploit-dropped-on-twitter-this-week/
BleepingComputer
Second Google Chrome zero-day exploit dropped on twitter this week
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.
SAP fixes critical bugs in Business Client, Commerce, and NetWeaver
SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product. [...]
https://www.bleepingcomputer.com/news/security/sap-fixes-critical-bugs-in-business-client-commerce-and-netweaver/
SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product. [...]
https://www.bleepingcomputer.com/news/security/sap-fixes-critical-bugs-in-business-client-commerce-and-netweaver/
BleepingComputer
SAP fixes critical bugs in Business Client, Commerce, and NetWeaver
SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product.
Microsoft moves Windows 10 21H1 to the Release preview channel
Microsoft is now installing the Windows 10 21H1 build in the Release preview channel, indicating that it will likely be released later this month or in May. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-moves-windows-10-21h1-to-the-release-preview-channel/
Microsoft is now installing the Windows 10 21H1 build in the Release preview channel, indicating that it will likely be released later this month or in May. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-moves-windows-10-21h1-to-the-release-preview-channel/
BleepingComputer
Microsoft moves Windows 10 21H1 to the Release preview channel
Microsoft is now installing the Windows 10 21H1 build in the Release preview channel, indicating that it will likely be released later this month or in May.
Google Chrome 90 released with HTTPS as the default protocol
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-90-released-with-https-as-the-default-protocol/
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-90-released-with-https-as-the-default-protocol/
BleepingComputer
Google Chrome 90 released with HTTPS as the default protocol
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS.
NSA: Top 5 vulnerabilities actively abused by Russian govt hackers
A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S. organizations and interests. [...]
https://www.bleepingcomputer.com/news/security/nsa-top-5-vulnerabilities-actively-abused-by-russian-govt-hackers/
A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S. organizations and interests. [...]
https://www.bleepingcomputer.com/news/security/nsa-top-5-vulnerabilities-actively-abused-by-russian-govt-hackers/
BleepingComputer
NSA: Top 5 vulnerabilities actively abused by Russian govt hackers
A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilitiesβ¦