Microsoft July 2021 Patch Tuesday fixes 9 zero-days, 117 flaws
Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2021-patch-tuesday-fixes-9-zero-days-117-flaws/
Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2021-patch-tuesday-fixes-9-zero-days-117-flaws/
BleepingComputer
Microsoft July 2021 Patch Tuesday fixes 9 zero-days, 117 flaws
Today is Microsoft's July 2021 Patch Tuesday, and with it comes fixes for nine zero-day vulnerabilities and a total of 117 flaws, so Windows admins will be pulling their hair out as they scramble to get devices patched and secured.
Microsoft fixes Windows Hello authentication bypass vulnerability
Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-hello-authentication-bypass-vulnerability/
Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-hello-authentication-bypass-vulnerability/
BleepingComputer
Microsoft fixes Windows Hello authentication bypass vulnerability
Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system.
US indicts dark web user 'The Bull' for insider trading
The U.S. Department of Justice (DoJ) has charged an individual for engaging in insider trading on the darknet. Greece-based Apostolos Trovias, known as the "The Bull" frequently used encrypted messaging services and the dark web for soliciting, exchanging and selling inside information. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-dark-web-user-the-bull-for-insider-trading/
The U.S. Department of Justice (DoJ) has charged an individual for engaging in insider trading on the darknet. Greece-based Apostolos Trovias, known as the "The Bull" frequently used encrypted messaging services and the dark web for soliciting, exchanging and selling inside information. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-dark-web-user-the-bull-for-insider-trading/
BleepingComputer
US indicts dark web user 'The Bull' for insider trading
The U.S. Department of Justice (DoJ) has charged an individual for engaging in insider trading on the darknet. Greece-based Apostolos Trovias, known as the "The Bull" frequently used encrypted messaging services and the dark web for soliciting, exchangingβ¦
Adobe updates fix 28 vulnerabilities in 6 programs
Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in Adobe Dimension, Illustrator, Framemaker, Acrobat, Reader, and Bridge. [...]
https://www.bleepingcomputer.com/news/security/adobe-updates-fix-28-vulnerabilities-in-6-programs/
Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in Adobe Dimension, Illustrator, Framemaker, Acrobat, Reader, and Bridge. [...]
https://www.bleepingcomputer.com/news/security/adobe-updates-fix-28-vulnerabilities-in-6-programs/
BleepingComputer
Adobe updates fix 28 vulnerabilities in 6 programs
Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in Adobe Dimension, Illustrator, Framemaker, Acrobat, Reader, and Bridge.
Amazon starts rolling out Ring end-to-end encryption globally
Amazon-owned Ring has announced starting the worldwide roll out of video End-to-End Encryption (E2EE) to customers with compatible devices. [...]
https://www.bleepingcomputer.com/news/security/amazon-starts-rolling-out-ring-end-to-end-encryption-globally/
Amazon-owned Ring has announced starting the worldwide roll out of video End-to-End Encryption (E2EE) to customers with compatible devices. [...]
https://www.bleepingcomputer.com/news/security/amazon-starts-rolling-out-ring-end-to-end-encryption-globally/
BleepingComputer
Amazon starts rolling out Ring end-to-end encryption globally
Amazon-owned Ring has announced starting the worldwide roll out of video End-to-End Encryption (E2EE) to customers with compatible devices.
Hackers used SolarWinds zero-day bug to target US Defense orgs
China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server. [...]
https://www.bleepingcomputer.com/news/microsoft/hackers-used-solarwinds-zero-day-bug-to-target-us-defense-orgs/
China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server. [...]
https://www.bleepingcomputer.com/news/microsoft/hackers-used-solarwinds-zero-day-bug-to-target-us-defense-orgs/
BleepingComputer
Hackers use new SolarWinds zero-day to target US Defense orgs
China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server.
Trickbot updates its VNC module for high-value targets
The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...]
https://www.bleepingcomputer.com/news/security/trickbot-updates-its-vnc-module-for-high-value-targets/
The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...]
https://www.bleepingcomputer.com/news/security/trickbot-updates-its-vnc-module-for-high-value-targets/
BleepingComputer
Trickbot updates its VNC module for high-value targets
The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems.
Chinese cyberspiesβ wide-scale APT campaign hits Asian govt entities
Kaspersky researchers have revealed an ongoing and large-scale advanced persistent threat (APT) campaign with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities. [...]
https://www.bleepingcomputer.com/news/security/chinese-cyberspies-wide-scale-apt-campaign-hits-asian-govt-entities/
Kaspersky researchers have revealed an ongoing and large-scale advanced persistent threat (APT) campaign with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities. [...]
https://www.bleepingcomputer.com/news/security/chinese-cyberspies-wide-scale-apt-campaign-hits-asian-govt-entities/
BleepingComputer
Chinese cyberspiesβ wide-scale APT campaign hits Asian govt entities
Kaspersky researchers have revealed an ongoing and large-scale advanced persistent threat (APT) campaign with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities.
Detonating Ransomware on My Own Computer (Donβt Try This at Home)
Ransomware attacks are a daily occurrence, announcing new levels of danger and confusion to an already complicated business of protecting data. How it behaves can tell us lot about a ransomware attack - so I recently detonated Conti ransomware in a controlled environment to demonstrate the importance of proper cyber protection. [...]
https://www.bleepingcomputer.com/news/security/detonating-ransomware-on-my-own-computer-don-t-try-this-at-home/
Ransomware attacks are a daily occurrence, announcing new levels of danger and confusion to an already complicated business of protecting data. How it behaves can tell us lot about a ransomware attack - so I recently detonated Conti ransomware in a controlled environment to demonstrate the importance of proper cyber protection. [...]
https://www.bleepingcomputer.com/news/security/detonating-ransomware-on-my-own-computer-don-t-try-this-at-home/
BleepingComputer
Detonating Ransomware on My Own Computer (Donβt Try This at Home)
Ransomware attacks are a daily occurrence, announcing new levels of danger and confusion to an already complicated business of protecting data. How it behaves can tell us lot about a ransomware attack - so I recently detonated Conti ransomware in a controlledβ¦
Windows 365 - Microsoft's new virtualized Cloud PC service
Microsoft has unveiled their greatly anticipated cloud-based Windows 365 service - a virtualized desktop service allowing businesses to deploy and stream Cloud PCs from Azure. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-365-microsofts-new-virtualized-cloud-pc-service/
Microsoft has unveiled their greatly anticipated cloud-based Windows 365 service - a virtualized desktop service allowing businesses to deploy and stream Cloud PCs from Azure. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-365-microsofts-new-virtualized-cloud-pc-service/
BleepingComputer
Windows 365 - Microsoft's new virtualized Cloud PC service
Microsoft has unveiled their greatly anticipated cloud-based Windows 365 service - a virtualized desktop service allowing businesses to deploy and stream Cloud PCs from Azure.
SonicWall warns of 'critical' ransomware risk to SMA 100 VPN appliances
SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-ransomware-risk-to-sma-100-vpn-appliances/
SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-ransomware-risk-to-sma-100-vpn-appliances/
BleepingComputer
SonicWall warns of 'critical' ransomware risk to SMA 100 VPN appliances
SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products.
Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
Google security researcher shared more information on four security vulnerabilities also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year. [...]
https://www.bleepingcomputer.com/news/security/google-russian-svr-hackers-targeted-linkedin-users-with-safari-zero-day/
Google security researcher shared more information on four security vulnerabilities also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year. [...]
https://www.bleepingcomputer.com/news/security/google-russian-svr-hackers-targeted-linkedin-users-with-safari-zero-day/
BleepingComputer
Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
Google security researcher shared more information on four security vulnerabilities also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year.
Google Chrome will add HTTPS-First Mode to keep your data safe
Google will add an HTTPS-First Mode to the Chrome web browser to block attackers from intercepting or eavesdropping on users' web traffic. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-will-add-https-first-mode-to-keep-your-data-safe/
Google will add an HTTPS-First Mode to the Chrome web browser to block attackers from intercepting or eavesdropping on users' web traffic. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-will-add-https-first-mode-to-keep-your-data-safe/
BleepingComputer
Google Chrome will add HTTPS-First Mode to keep your data safe
Google will add an HTTPS-First Mode to the Chrome web browser to block attackers from intercepting or eavesdropping on users' web traffic.
BazarBackdoor sneaks in through nested RAR and ZIP archives
Security researchers caught a new phishing campaign that tried to deliver the BazarBackdoor malware by using the multi-compression technique and masking it as an image file. [...]
https://www.bleepingcomputer.com/news/security/bazarbackdoor-sneaks-in-through-nested-rar-and-zip-archives/
Security researchers caught a new phishing campaign that tried to deliver the BazarBackdoor malware by using the multi-compression technique and masking it as an image file. [...]
https://www.bleepingcomputer.com/news/security/bazarbackdoor-sneaks-in-through-nested-rar-and-zip-archives/
BleepingComputer
BazarBackdoor sneaks in through nested RAR and ZIP archives
Security researchers caught a new phishing campaign that tried to deliver the BazarBackdoor malware by using the multi-compression technique and masking it as an image file.
Hands on with Windows Terminal 1.10's new and useful features
Microsoft released Windows Terminal Preview v1.10 today, and it comes with numerous handy improvements, including bold text support, Quake mode on the taskbar, easier access to the Command Palette, improved settings, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/hands-on-with-windows-terminal-110s-new-and-useful-features/
Microsoft released Windows Terminal Preview v1.10 today, and it comes with numerous handy improvements, including bold text support, Quake mode on the taskbar, easier access to the Command Palette, improved settings, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/hands-on-with-windows-terminal-110s-new-and-useful-features/
BleepingComputer
Hands on with Windows Terminal 1.10's new and useful features
Microsoft released Windows Terminal Preview v1.10 today, and it comes with numerous handy improvements, including bold text support, Quake mode on the taskbar, easier access to the Command Palette, improved settings, and more.
Windows 10 printing issues fixed by July Patch Tuesday update
Microsoft has addressed the Windows 10 printing issues caused by changes introduced in the June 2021 cumulative update preview with an update issued during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-printing-issues-fixed-by-july-patch-tuesday-update/
Microsoft has addressed the Windows 10 printing issues caused by changes introduced in the June 2021 cumulative update preview with an update issued during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-printing-issues-fixed-by-july-patch-tuesday-update/
BleepingComputer
Windows 10 printing issues fixed by July Patch Tuesday update
Microsoft has addressed the Windows 10 printing issues caused by changes introduced in the June 2021 cumulative update preview with an update issued during this month's Patch Tuesday.
Software maker removes "backdoor" giving root access to radio devices
The author of a popular software-defined radio (SDR) project has removed a "backdoor" from radio devices that granted root-level access. The backdoor had been, according to the author, present in all versions of KiwiSDR devices for the purposes of remote administration and debugging. [...]
https://www.bleepingcomputer.com/news/security/software-maker-removes-backdoor-giving-root-access-to-radio-devices/
The author of a popular software-defined radio (SDR) project has removed a "backdoor" from radio devices that granted root-level access. The backdoor had been, according to the author, present in all versions of KiwiSDR devices for the purposes of remote administration and debugging. [...]
https://www.bleepingcomputer.com/news/security/software-maker-removes-backdoor-giving-root-access-to-radio-devices/
BleepingComputer
Software maker removes "backdoor" giving root access to radio devices
The author of a popular software-defined radio (SDR) project has removed a "backdoor" from radio devices that granted root-level access. The backdoor had been, according to the author, present in all versions of KiwiSDR devices for the purposes of remoteβ¦
Microsoft: Update Windows Server 2012 before extended support ends
Microsoft has reminded Windows Server 2012 and SQL Server 2012 users that the products will reach their extended support end dates during the next two years, urging them to update to avoid security and compliance gaps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-update-windows-server-2012-before-extended-support-ends/
Microsoft has reminded Windows Server 2012 and SQL Server 2012 users that the products will reach their extended support end dates during the next two years, urging them to update to avoid security and compliance gaps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-update-windows-server-2012-before-extended-support-ends/
BleepingComputer
Microsoft: Update Windows Server 2012 before extended support ends
Microsoft has reminded Windows Server 2012 and SQL Server 2012 users that the products will reach their extended support end dates during the next two years, urging them to update to avoid security and compliance gaps.
Linux version of HelloKitty ransomware targets VMware ESXi servers
βThe ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage. [...]
https://www.bleepingcomputer.com/news/security/linux-version-of-hellokitty-ransomware-targets-vmware-esxi-servers/
βThe ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage. [...]
https://www.bleepingcomputer.com/news/security/linux-version-of-hellokitty-ransomware-targets-vmware-esxi-servers/
BleepingComputer
Linux version of HelloKitty ransomware targets VMware ESXi servers
βThe ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware's ESXi virtual machine platform for maximum damage.
WooCommerce fixes vulnerability exposing 5 million sites to data theft
WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication. [...]
https://www.bleepingcomputer.com/news/security/woocommerce-fixes-vulnerability-exposing-5-million-sites-to-data-theft/
WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication. [...]
https://www.bleepingcomputer.com/news/security/woocommerce-fixes-vulnerability-exposing-5-million-sites-to-data-theft/
BleepingComputer
WooCommerce fixes vulnerability exposing 5 million sites to data theft
WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication.