βMicrosoft announces new Windows 'checkpoint' cumulative updates
Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-checkpoint-cumulative-updates/
Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-checkpoint-cumulative-updates/
BleepingComputer
Microsoft announces new Windows 'checkpoint' cumulative updates
Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later.
π1π©1
βEmail addresses of 15 million Trello users leaked on hacking forum
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. [...]
https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. [...]
https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/
BleepingComputer
Email addresses of 15 million Trello users leaked on hacking forum
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.
π©5π₯΄1
βCISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
βCISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. [...]
https://www.bleepingcomputer.com/news/security/cisa-warns-critical-geoserver-geotools-rce-flaw-is-exploited-in-attacks/
βCISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. [...]
https://www.bleepingcomputer.com/news/security/cisa-warns-critical-geoserver-geotools-rce-flaw-is-exploited-in-attacks/
BleepingComputer
CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
βCISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks.
βKaspersky offers free security software for six months in U.S. goodbye
Kaspersky is offering free security products for six months and tips for staying safe as a parting gift to consumers in the United States. [...]
https://www.bleepingcomputer.com/news/security/kaspersky-offers-free-security-software-for-six-months-in-us-goodbye/
Kaspersky is offering free security products for six months and tips for staying safe as a parting gift to consumers in the United States. [...]
https://www.bleepingcomputer.com/news/security/kaspersky-offers-free-security-software-for-six-months-in-us-goodbye/
BleepingComputer
Kaspersky offers free security software for six months in U.S. goodbye
Kaspersky is offering free security products for six months and tips for staying safe as a parting gift to consumers in the United States.
π7π5π€4π’1
β5 steps to automate user access reviews and simplify IT compliance
While SaaS tools are a boon for worker productivity, they introduce complexity when it comes to IT audits and compliance. Learn more from Nudge Security about automating user access reviews to simplify this process. [...]
https://www.bleepingcomputer.com/news/security/5-steps-to-automate-user-access-reviews-and-simplify-it-compliance/
While SaaS tools are a boon for worker productivity, they introduce complexity when it comes to IT audits and compliance. Learn more from Nudge Security about automating user access reviews to simplify this process. [...]
https://www.bleepingcomputer.com/news/security/5-steps-to-automate-user-access-reviews-and-simplify-it-compliance/
BleepingComputer
5 steps to automate user access reviews and simplify IT compliance
While SaaS tools are a boon for worker productivity, they introduce complexity when it comes to IT audits and compliance. Learn more from Nudge Security about automating user access reviews to simplify this process.
βYacht giant MarineMax data breach impacts over 123,000 people
MarineMax, self-described as the world's largest recreational boat and yacht retailer, is notifying over 123,000 customers whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. [...]
https://www.bleepingcomputer.com/news/security/yacht-giant-marinemax-data-breach-impacts-over-123-000-people/
MarineMax, self-described as the world's largest recreational boat and yacht retailer, is notifying over 123,000 customers whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. [...]
https://www.bleepingcomputer.com/news/security/yacht-giant-marinemax-data-breach-impacts-over-123-000-people/
BleepingComputer
Yacht giant MarineMax data breach impacts over 123,000 people
MarineMax, self-described as the world's largest recreational boat and yacht retailer, is notifying over 123,000 customers whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang.
βOver 400,000 Life360 user phone numbers leaked via unsecured API
A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. [...]
https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/
A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. [...]
https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/
BleepingComputer
Over 400,000 Life360 user phone numbers leaked via unsecured API
A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API.
βCisco SSM On-Prem bug lets hackers change any user's password
Cisco has fixed a maximum severity vulnerability that allows attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators. [...]
https://www.bleepingcomputer.com/news/security/cisco-ssm-on-prem-bug-lets-hackers-change-any-users-password/
Cisco has fixed a maximum severity vulnerability that allows attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators. [...]
https://www.bleepingcomputer.com/news/security/cisco-ssm-on-prem-bug-lets-hackers-change-any-users-password/
BleepingComputer
Cisco SSM On-Prem bug lets hackers change any user's password
Cisco has fixed a maximum severity vulnerability that allows attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators.
βExchange Online adds Inbound DANE with DNSSEC for security boost
Microsoft is rolling out inbound SMTP DANE with DNSSEC for Exchange Online in public preview, a new capability to boost email integrity and security. [...]
https://www.bleepingcomputer.com/news/microsoft/exchange-online-adds-inbound-dane-with-dnssec-for-security-boost/
Microsoft is rolling out inbound SMTP DANE with DNSSEC for Exchange Online in public preview, a new capability to boost email integrity and security. [...]
https://www.bleepingcomputer.com/news/microsoft/exchange-online-adds-inbound-dane-with-dnssec-for-security-boost/
BleepingComputer
Exchange Online adds Inbound DANE with DNSSEC for security boost
Microsoft is rolling out inbound SMTP DANE with DNSSEC for Exchange Online in public preview, a new capability to boost email integrity and security.
π©2
βNotorious FIN7 hackers sell EDR killer to other threat actors
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. [...]
https://www.bleepingcomputer.com/news/security/notorious-fin7-hackers-sell-edr-killer-to-other-threat-actors/
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. [...]
https://www.bleepingcomputer.com/news/security/notorious-fin7-hackers-sell-edr-killer-to-other-threat-actors/
BleepingComputer
Notorious FIN7 hackers sell EDR killer to other threat actors
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks.
π2π1π1
βMicrosoft: Windows 11 23H2 now available for all eligible devices
Microsoft says the Windows 11 2023 Update has entered the broad deployment phase and is now available to all seekers on eligible systems. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-23h2-now-available-for-all-eligible-devices/
Microsoft says the Windows 11 2023 Update has entered the broad deployment phase and is now available to all seekers on eligible systems. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-23h2-now-available-for-all-eligible-devices/
BleepingComputer
Microsoft: Windows 11 23H2 now available for all eligible devices
Microsoft says the Windows 11 2023 Update has entered the broad deployment phase and is now available to all seekers on eligible systems.
π5π₯1
βCritical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. [...]
https://www.bleepingcomputer.com/news/security/critical-cisco-bug-lets-hackers-add-root-users-on-seg-devices/
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. [...]
https://www.bleepingcomputer.com/news/security/critical-cisco-bug-lets-hackers-add-root-users-on-seg-devices/
BleepingComputer
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.
βMicrosoft fixes bug blocking Windows 11 Photos from starting
Microsoft has fixed a known issue preventing the Microsoft Photos app from starting on some Windows 11 22H2 and 23H2 systems. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-blocking-windows-11-photos-from-starting/
Microsoft has fixed a known issue preventing the Microsoft Photos app from starting on some Windows 11 22H2 and 23H2 systems. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-blocking-windows-11-photos-from-starting/
BleepingComputer
Microsoft fixes bug blocking Windows 11 Photos from starting
Microsoft has fixed a known issue preventing the Microsoft Photos app from starting on some Windows 11 22H2 and 23H2 systems.
π©6π1
βSolarWinds fixes 8 critical bugs in access rights audit software
SolarWinds has fixed eight critical vulnerabilities in its Access Rights Manager (ARM) software, six of which allowed attackers to gain remote code execution (RCE) on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/
SolarWinds has fixed eight critical vulnerabilities in its Access Rights Manager (ARM) software, six of which allowed attackers to gain remote code execution (RCE) on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/
BleepingComputer
SolarWinds fixes 8 critical bugs in access rights audit software
SolarWinds has fixed eight critical vulnerabilities in its Access Rights Manager (ARM) software, six of which allowed attackers to gain remote code execution (RCE) on vulnerable devices.
βRevolver Rabbit gang registers 500,000 domains for malware campaigns
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that target Windows and macOS systems. [...]
https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that target Windows and macOS systems. [...]
https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/
BleepingComputer
Revolver Rabbit gang registers 500,000 domains for malware campaigns
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that target Windows and macOS systems.
π€―3π₯2π2π1
βMajor Microsoft 365 outage caused by Azure configuration change
Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region. [...]
https://www.bleepingcomputer.com/news/microsoft/major-microsoft-365-outage-caused-by-azure-configuration-change/
Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region. [...]
https://www.bleepingcomputer.com/news/microsoft/major-microsoft-365-outage-caused-by-azure-configuration-change/
BleepingComputer
Major Microsoft 365 outage caused by Azure configuration change
Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region.
π7π₯΄4π2π1π€‘1
βRussians plead guilty to involvement in LockBit ransomware attacks
Two Russian individuals admitted to participating in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. [...]
https://www.bleepingcomputer.com/news/security/russians-plead-guilty-to-involvement-in-lockbit-ransomware-attacks/
Two Russian individuals admitted to participating in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. [...]
https://www.bleepingcomputer.com/news/security/russians-plead-guilty-to-involvement-in-lockbit-ransomware-attacks/
BleepingComputer
Russians plead guilty to involvement in LockBit ransomware attacks
Two Russian individuals admitted to participating in many LockBit ransomware attacks, which targeted victims worldwide and across the United States.
βCrowdStrike update crashes Windows systems, causes outages worldwide
A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [...]
https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/
A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [...]
https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/
BleepingComputer
CrowdStrike update crashes Windows systems, causes outages worldwide
A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals.
π11π6π₯°3π©1
βMediSecure: Ransomware gang stole data of 12.9 million people
MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/medisecure-ransomware-gang-stole-data-of-129-million-people/
MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/medisecure-ransomware-gang-stole-data-of-129-million-people/
BleepingComputer
MediSecure: Ransomware gang stole data of 12.9 million people
MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack.
π±1
βMicrosoft confirms CrowdStrike update also hit Windows 365 PCs
Microsoft says the faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-365-cloud-pcs-stuck-restarting-after-crowdstrike-update/
Microsoft says the faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-365-cloud-pcs-stuck-restarting-after-crowdstrike-update/
BleepingComputer
Microsoft confirms CrowdStrike update also hit Windows 365 PCs
Microsoft says the faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable.
π€‘11π2π1